LATEST POST
MoneyGram now says customer data was impacted in security incident
It’s always risky to quickly claim that there’s no evidence that customer data has been compromised in a data breach incident because you may find out later that it has been. While MoneyGram confirmed a breach weeks ago, they were careful not to make any claims about whether customer data was impacted. Now there’s an […]
General Hospital Cybersecurity Requirements Take Effect in New York
A new regulation related to cybersecurity program requirements for all New York general hospitals licensed under Article 28 of the Public Health Law (PHL) took effect on October 2, 2024. All general hospitals covered by the regulation must comply with the new provisions within one year of the adoption date, except that general hospitals must […]
New York Data Breach Requirements Set Reporting Tone Nationally
Brian Montgomery is a partner at Pillsbury and a former NYDFS deputy superintendent. Mark Krotoski is a partner at Pillsbury and former national coordinator for the Computer Hacking and Intellectual Property Program at the Department of Justice. In an article on Bloomberg Law, they write: Cybersecurity regulations can be a constantly moving target, with digital advances and […]
American Water Works believes no water, wastewater facilities affected by cyberattack
The Record reports: None of the water or wastewater facilities run by the American Water Works company were affected by a cyberattack that began last week, according to a statement released on Monday. The company, which supplies water to millions of Americans, filed documents with the Securities and Exchange Commission (SEC) on Monday notifying the public of […]
Comcast and Truist Bank customers caught up in FBCS data breach
Bleeping Computer reports: Comcast Cable Communications and Truist Bank have disclosed they were impacted by a data breach at FBCS, and are now informing their respective customers that their data has been compromised. […] According to a notice submitted to the Maine authorities, 273,703 Comcast customers were impacted by the breach. “FBCS’s investigation discovered that files downloaded […]
Notifications to breach victims are too late and provide too little important information
A recent press release from the Dutch DPA (Autoriteit Persoonsgegevens) emphasizes that Dutch organizations need to do better in providing breach victims with timely information that they need to protect themselves. If the Dutch DPA thinks warnings or alerts sent to victims more than three weeks after a breach is “way too slow,” The Data […]
Recent fines imposed by Norway’s Data Protection Agency
Datatilsynet is Norway’s Data Protection Authority. Inspection of its website indicates that it has not imposed many monetary penalties in recent years for violations of the Personal Data Act 2000. After 2021, in which it reported 37 actions, it issued only 12 reports in 2023, and only 7 so far in 2024. Here are two […]
Chinese hackers breached US court wiretap systems
Reuters reports that Chinese hackers accessed the networks of U.S. broadband providers and obtained information from systems that the federal government uses for court-authorized wiretapping. The Wall Street Journal first reported the story on Saturday. Verizon Communications, AT&T, and Lumen Technologies are among the telecoms companies whose networks were breached by the recently discovered intrusion, […]