Digital platforms continue to shape how we work, transact, and communicate. From design decisions to emerging security incidents, their impact on operations and risk continues to evolve.
Here’s a breakdown of this week’s key developments and what they mean for security and governance.
EU Issues Preliminary Ruling on TikTok’s Addictive Design
European regulators have issued a preliminary warning that could lead to a fine for TikTok over concerns that its design encourages unhealthy overuse. The EU says features like infinite scroll, autoplay, constant notifications, and highly personalised recommendation algorithms keep users on the app longer than they realise.
Investigators pointed to patterns such as excessive nighttime use by younger users and the frequency with which people reopen the app throughout the day, signalling compulsive behaviour that the platform allegedly failed to address. While TikTok offers parental controls and screen-time tools, the Commission considers them insufficient because they are optional, easy to dismiss, and depend on parents to activate them.
If the findings are confirmed, the company could face a fine of up to 6% of its global annual revenue.
Flickr Discloses Potential Data Breach Exposing Users’ Information
Flickr has warned users about a possible data breach linked to a vulnerability at a third-party email provider. Alerted on February 5, the company shut down access to the system within hours.
While the provider and the number of users impacted remain unnamed, Flickr acknowledged that personal account data may have been exposed. This includes real names, email addresses, usernames, IP addresses, location, account types, and platform activity. Passwords and payment details were not compromised, limiting direct financial risk, though the data could still be used for phishing or impersonation.
Flickr advised affected users to review account settings, watch for suspicious messages, and change passwords on other services if credentials were reused.
BridgePay Confirms Ransomware Attack Behind Nationwide Payment Disruption
BridgePay, a major US payment gateway, confirmed a ransomware attack caused a nationwide outage, disrupting card payments nationwide. The incident began with performance issues detected at 3:29 a.m. EST on February 6 and escalated into a full shutdown, disrupting transaction processing for merchants.
The company engaged the FBI, Secret Service, and forensic teams. Early findings suggest that payment card data was not exposed, and the accessed files remained encrypted.
The operational impact was immediate: businesses and local governments in cities like Palm Bay, Florida, and Frisco, Texas, switched to cash-only payments.
Recovery efforts are ongoing, and BridgePay warned that service restoration will take time.
Spain’s Ministry of Science Shuts Down Systems Following Suspected Breach
Spain’s Ministry of Science has partially shut down its IT systems following what it initially described as a technical incident. Soon after, a threat actor claimed responsibility for a cyberattack and shared samples of allegedly stolen data online.
The alleged attacker claims to have exploited an Insecure Direct Object Reference (IDOR) vulnerability to gain high-level administrative credentials. Data samples shared on underground forums reportedly include thousands of personal records, email addresses, enrolment applications, and passport scans.
While the ministry has not publicly confirmed the full scope, the leaked materials appear credible.
Italian University La Sapienza Hit by Cyberattack
La Sapienza University in Rome has taken its IT systems offline after a cyberattack caused widespread disruption. As Europe’s largest university serving over 122,000 students and 8,000 staff, the impact has been significant.
While the university has shared limited technical details, Italian media reports that the attack is likely ransomware linked to a pro-Russian threat group tracked as Femwar02. According to those reports, systems were encrypted using "BabLock" malware.
Staff have reportedly avoided opening the ransom message to prevent triggering a 72-hour countdown. Backups are believed to be intact, but concern remains that stolen data could be leaked or sold.
Inside Kasi Cloud, Nigeria’s First AI Data Centre in Lagos
A new technology campus near the Lagos–Calabar coastal road aims to transform Nigeria’s role in global computing. Kasi Cloud, the country’s first data centre built for artificial intelligence, is engineered to support up to 100 megawatts of power at full capacity.
Unlike standard facilities, hyperscale campuses target higher energy levels to support the dense, power-hungry GPU clusters required by advanced AI. The first building is set for an April 2026 launch.
The site includes a "meet-me room" for telecom links and underground fibre routes to prevent future disruptions. Project leaders emphasise that local capacity improves cost and control, allowing Nigerian firms to keep digital activity within reach.
For additional analysis of emerging risks, see our 2026 Cyber Threat Outlook. You can also join our newsletter to get security updates delivered straight to your inbox.