Back to articles

Tag archive

#regulatory

2
Jul 18, 2026

23andMe Settles with 43 States for $18M After Data Breach

Genetic testing company 23andMe has agreed to an $18 million bankruptcy settlement with 43 U.S. states, including Pennsylvania, over a massive data breach discovered in October 2023. The breach, which impacted nearly 7 million customers, was attributed to credential stuffing attacks that succeeded due to poor security practices, such as a lack of mandatory multi-factor authentication (MFA). The settlement holds the company accountable for its security failures.

Jul 18, 20263 min read0 reactions0 comments
D
Jul 18, 2026

DOD Suspends CMMC 2.0 Phase II Implementation

The U.S. Department of Defense (DOD) has suspended the Phase II implementation of its Cybersecurity Maturity Model Certification (CMMC) 2.0 program. This phase would have mandated third-party assessments for contractors handling Controlled Unclassified Information (CUI). While existing cybersecurity requirements under DFARS and NIST SP 800-171 remain in effect, the DOD is now soliciting industry feedback via a Request for Information (RFI) to reform the program.

Jul 18, 20263 min read0 reactions0 comments
W
Jul 16, 2026

White House 'Gold Eagle' to Coordinate AI-Driven Vulnerability Patching

The White House has officially launched 'Gold Eagle,' a new national cybersecurity initiative designed to serve as a central clearinghouse for software vulnerabilities. The program will leverage artificial intelligence to discover, prioritize, and coordinate the remediation of security flaws, particularly in open-source software and critical infrastructure. Managed by the Department of the Treasury, Gold Eagle brings together CISA, DHS, DoD, and private sector partners to accelerate cyber defense and reduce duplicative efforts.

Jul 16, 20263 min read0 reactions0 comments