KrebsOnSecurity site reports that Salesforce Community public websites may be leaking data from organizations including banks, healthcare and government. This comes two years after a researcher first identified risk from misconfiguration in the Salesforce sites that allowed for exploitation. Now, according to KrebsOnSecurity, leaks are happening widely – and despite organizations being notified, most have not addressed the problem.
The EU Commission has named 17 companies and 2 search engines to its Very Large Online Platforms (VLOPs) and Very Large Online Search Engines (VLOSEs) lists for Digital Services Act (DSA) regulation. This includes Alibaba, Amazon, Facebook, and TikTok (VLOPs), and Bing and Google Search (VLOSEs), which will now have four months to comply with new obligations to be regulated by the DSA.
Indiana is the 7th US state to pass a privacy law. The Indiana Consumer Data Protection Law includes protection of the right to know, correct, and delete. It will go into effect in 2026. Montana and Tennessee's legislatures have both approved privacy bills that may come into effect sooner. Montana’s governor requested amending the Montana Consumer Data Privacy Act to ban not just TikTok but also other social media sites perceived as from foreign adversaries. With Tennessee, the Information Protection Act is business-friendly and weaker than privacy laws in the first states, California, Colorado, Connecticut, Iowa, Utah, and Virginia.
GrowthLoop will use TransUnion identity data to improve U.S. consumer match rates on client files sent to advertising media such as Facebook and Google Ads. The data should also help clients to find matches among records within their files, building more accurate customer profiles. GrowthLoop calls itself a “composable CDP”, meaning it works with data assembled in external data warehouses.