LATEST POST
Hackers advertised 23andMe stolen data two months ago
TechCrunch reports: Genetic testing company 23andMe has been investigating a security incident after hackers advertised a trove of alleged stolen user data on a hacking forum last week. But the alleged stolen data may have been circulating for much longer than first known. TechCrunch has also found that some of the advertised stolen data matches […]
Congressman Charged with Stealing Donor IDs, Charging Their Credit Cards
Despite facing numerous charges, Representative George Santos (R-NY) refused to resign from Congress. Now he is reportedly facing yet even more charges in a superseding indictment. The Associated Press reports: A new indictment filed Tuesday charged U.S. Rep. George Santos with stealing the identities of donors to his campaign and then using their credit cards to ring […]
Flagstar Bank third-party breach affects more than 800,000 customers
Bleeping Computer reports Flagstar Bank in Michigan is notifying 837,390 customers whose personal information, including Social Security numbers, was acquired by the Clop hacking gang in May. The breach was not of Flagstar’s systems but at FISERV, a vendor they use for payment processing and mobile banking services. FISERV was one of thousands of entities […]
Bipartisan Measure Providing Free Credit Monitoring for Data Breach Victims Approved by Pennsylvania Senate
The state Senate today approved bipartisan legislation sponsored by Sen. Tracy Pennycuick (R-24) to strengthen notification requirements for data breaches and provide affected citizens with free credit monitoring and a credit report. Senate Bill 824, introduced with Sen. Jimmy Dillon (D-5), would provide citizens affected by a data breach a free credit report and a year of […]
FDA finalizes advice on cybersecurity info to include in device submissions
The law firm of Hogan Lovells has an article about FDA’s finalized guidance on “Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions.” They note: FDA’s new final guidance replaces the April 2022 draft guidance of the same name, which we analyzed online here, and it also supersedes FDA’s 2014 final guidance “Content of Premarket Submissions for Management […]
Your Online Account May Have Been Breached? Don’t Just Sit There. Do Something.
Sabrina I. Pacifici writes: WSJ via MSN: “How do consumers respond when their online accounts are exposed to hackers? Many of them simply don’t. Data breaches at major firms have become all too common, with more than 110 million user accounts exposed in just the second quarter of 2023. Yet our research found that nearly […]
Clorox Security Breach Linked to Group Behind Casino Hacks
Bloomberg reports that “Scattered Spider” may also be responsible for the recent attack on Clorox: A notorious group of hackers blamed for recent breaches on major casino companies is also suspected of being behind a recent cyberattack against Clorox Co. that has led to a nationwide shortage of its cleaning products. Officials suspect that “Scattered Spider” is […]
Indiana attorney general sues Carepointe over violation of consumer protection, privacy laws
IPB reports: Indiana Attorney General Todd Rokita is suing a northwest Indiana medical office over a ransomware event that put personal and protected health information at risk. The lawsuit alleges the provider was aware of security concerns before the data breach. The lawsuit filed last week against CarePointe — an ear, nose, throat, sinus and hearing […]