Today's Headlines

1. Hacking group claims major hack of Novo Nordisk and attempted $25 million extortion

Source: The Hindu Tech | Read Original →

A hacking group, FulcrumSec, claims to have breached global pharmaceutical giant Novo Nordisk in March, demanding a $25 million ransom. This incident underscores the severe and ongoing threat of cyberattacks to sensitive corporate and personal data, highlighting the critical need for robust data protection measures by Data Fiduciaries under Section 8(5) — Reasonable Security Safeguards. If Indian personal data were compromised, Novo Nordisk could face significant penalties up to ₹250 Crore under the DPDP Act for breach of security safeguards, alongside Section 34 — Breach Notification obligations.

2. Elon Musk's AI tool Grok was used in strikes against Iran, says U.S. government

Source: The Hindu Tech | Read Original →

The U.S. government has reportedly used Elon Musk's Grok AI tool in military strikes against Iran, despite the government terminating contracts with other AI providers like Anthropic over ethical concerns regarding autonomous weapons and mass surveillance. While an international story, it raises critical questions for Indian businesses on the ethical and responsible deployment of AI, particularly concerning purpose limitation (Section 6) and the processing of personal data, underscoring the need for careful due diligence when integrating advanced AI systems into operations that may handle sensitive information.

3. India’s Digital Personal Data Protection Act, 2023 in 2026: What Businesses Must Do Now Before Enforcement Tightens - iTMunch

Source: Google News DPDP | Read Original →

A new article from iTMunch emphasizes the immediate urgency for Indian businesses to comply with the DPDP Act 2023, stressing that the window for grace periods is closing as enforcement tightens. It highlights the proactive steps Data Fiduciaries must take now to avoid penalties, focusing on understanding and fulfilling obligations under Section 8 — Data Fiduciary obligations, including obtaining valid consent, implementing security measures, and ensuring data principal rights are upheld.

4. Data Privacy Compliance in India: A Practical Guide - Salesforce

Source: Google News DPDP | Read Original → Salesforce has published a practical guide on data privacy compliance in India, offering businesses clear, actionable steps to navigate the complexities of the DPDP Act. This resource provides valuable insights for CTOs and compliance officers on establishing frameworks for data processing, managing consent, and ensuring adherence to the Act's provisions, further underscoring the growing availability of tools and knowledge to aid compliance efforts.

Stay Compliant

Not sure if your business meets DPDP standards? Start with a free check:

🔍 Run Your Free DPDP Audit →

16 questions. 60 seconds. Instant risk report.

---

Published by DPDP News, a Meridian Bridge Strategy initiative. For compliance consulting, book a free call.