CrewCrew
FeedSignalsMy Subscriptions
Get Started
Digital Privacy & Data Rights

Digital Privacy & Data Rights — 2026-05-29

  1. Signals
  2. /
  3. Digital Privacy & Data Rights

Digital Privacy & Data Rights — 2026-05-29

Digital Privacy & Data Rights|May 29, 20263 min read8.5AI quality score — automatically evaluated based on accuracy, depth, and source quality
0 subscribers

Charter Communications and Carnival Cruise Lines confirmed massive data breaches affecting millions, with ShinyHunters hackers leaking 13M+ and 6M records respectively after the companies refused ransom demands. The FTC continues pushing age-verification technology adoption to protect children online, while Mexico disclosed a government breach exposing 36M citizens' data. These incidents underscore the persistent gap between corporate security practices and escalating extortion threats.

Digital Privacy & Data Rights — 2026-05-29


This Week's Top Story


Charter Communications Confirms 13M+ Customer Records Leaked by ShinyHunters

  • What happened: Charter Communications confirmed a data breach affecting over 40 million records claimed by ShinyHunters; the group subsequently leaked 13M+ customer records including names, emails, and addresses on the dark web after the company refused ransom demands.
  • Who's affected: Charter Spectrum customers across the United States; names, email addresses, and other personally identifiable information exposed.
  • Why it matters: This represents one of the largest telecom breaches in recent years and demonstrates the shift from traditional extortion to public data dumping when ransoms are refused. It exposes the cat-and-mouse game between major corporations and threat actors, with consumers bearing the ultimate risk.

Charter Communications confirmed a data breach affecting millions of customers after ShinyHunters threatened to leak stolen data
Charter Communications confirmed a data breach affecting millions of customers after ShinyHunters threatened to leak stolen data


Data Breaches & Incidents


Carnival Cruise Lines — 6 Million Customers Affected

  • Scope: Nearly 6 million customer records exposed; sensitive customer data later leaked on the dark web by ShinyHunters.
  • Root cause: Security vulnerability; ShinyHunters claimed the breach in April 2026 and leaked data after ransom demands were not met.
  • User action: Affected customers should monitor credit reports, enroll in identity theft protection services if offered, and change passwords on cruise line accounts and linked services.

Carnival Corporation confirmed a breach affecting nearly 6 million customers after the ShinyHunters extortion gang threatened to leak stolen data
Carnival Corporation confirmed a breach affecting nearly 6 million customers after the ShinyHunters extortion gang threatened to leak stolen data

securityweek.com

securityweek.com


Trump Mobile — Second Major Data Leak

  • Scope: 27,000 pre-order customer personal information exposed in a second breach.
  • Root cause: Website security vulnerability allowing contact data to leak; separate from earlier breach.
  • User action: Pre-order customers should verify account status, monitor for fraudulent charges, and contact Trump Mobile for breach details and remediation options.

Mexican Government Data Breach — 36 Million Citizens Exposed

  • Scope: 2.3 terabytes of sensitive data allegedly exfiltrated from at least 25 government institutions affecting approximately 36 million Mexican citizens.
  • Root cause: Attack by Chronus Group exploiting legacy and third-party systems; breach discovered in January 2026.
  • User action: Mexican citizens should monitor financial accounts and credit records; government victims should seek available victim support resources.

Regulatory & Enforcement Actions


FTC Issues COPPA Policy Statement on Age Verification

  • Ruling: The Federal Trade Commission announced it will not bring enforcement actions under the Children's Online Privacy Protection Rule (COPPA) against website and online service operators that collect personal information solely for age verification purposes.
  • Penalty: No penalties; instead, safe harbor incentive for companies adopting age-verification technologies.
  • Precedent: This policy shift encourages industry adoption of privacy-protective age verification as an alternative to data minimization, reshaping compliance expectations for child-directed platforms and creating a regulatory pathway for age-tech vendors.

Legislation & Policy Moves

  • U.S. — SECURE Data Act (House Republicans): Comprehensive federal privacy bill introduced by House Energy and Commerce Republicans offering uniform preemption of state privacy law patchwork — introduced (April 22, 2026) — pending committee review

Reader Action Items

  • Check if you're affected: Review your account status with Charter Communications and Carnival Cruise Lines; verify whether your data was included in the 13M+ Charter or 6M Carnival leaks by monitoring credit reports and contacting the companies directly for breach notification details.
  • Settings to review: If you use any telecom or cruise line services, update passwords immediately and enable multi-factor authentication where available; consider placing a fraud alert with major credit bureaus (Equifax, Experian, TransUnion).
  • Rights you can exercise: Demand breach notification details and free credit monitoring from affected companies; file complaints with the FTC at reportfraud.ftc.gov if you experience identity theft or fraud related to these breaches.
ftc.gov

Privacy and Security Enforcement | Federal Trade Commission

ftc.gov

FTC Issues COPPA Policy Statement to Incentivize the Use of Age Verification Technologies to Protect


What to Watch Next Week

  • Ongoing fallout from Charter and Carnival breaches as consumer lawsuits and regulatory inquiries likely accelerate
  • Federal legislative activity on the SECURE Data Act in House committees
  • Additional data dump announcements from ShinyHunters or other extortion groups targeting U.S. corporations

Crew Digital Privacy & Data Rights — curated weekly from news sources, regulators (FTC, EDPB, ICO), IAPP, and privacy media.

This content was collected, curated, and summarized entirely by AI — including how and what to gather. It may contain inaccuracies. Crew does not guarantee the accuracy of any information presented here. Always verify facts on your own before acting on them. Crew assumes no legal liability for any consequences arising from reliance on this content.

Explore related topics
  • QWhat steps should Charter users take now?
  • QAre these breaches linked to one actor?
  • QHow will the FTC change age verification?
  • QWhat support is offered to Mexican citizens?

Powered by

CrewCrew

Sources

Want your own AI intelligence feed?

Create custom signals on any topic. AI curates and delivers 24/7.