A series of articles on the processes involved in responding to a data breach. Overview By now, most business owners know that it is not a question of whether, but rather, when, your business will suffer a data breach. Depending on what laws apply to your business, you may only have a matter of days […]
The following announcement was issued by the Office of the Privacy Commissioner of Canada on June 10. The Data Breach Times has previously reported on the 23andMe data breach.
When a rural hospital suffers a cyberattack that may knock it offline or encrypt all of its systems and patient records, the human cost can be enormous. Sadly, it is not unusual for criminal groups to attack hospitals, believing that they will have no choice but to pay extortion demands. In a statement issued Monday […]
In a week when some big data breaches, like Ticketmaster and Santander, have already been disclosed and confirmed, yet another big breach is now being claimed. An individual calling themself “Sp1d3r” claims to have acquired data on 190 million people who contacted QuoteWizard to get quotes on insurance. The threat actor claims the data includes: […]
Snowflake has issued a statement disputing claims made by some threat actors that were published by a security vendor. The vendor, in response to a legal threat from Snowflake, subsequently deleted their article. The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as […]
In February, Cencora (formerly known as AmerisourceBergen/Lash Group) filed notice of a cybersecurity incident with the Securities and Exchange Commission: On February 21, 2024, Cencora, Inc. (the “Company”), learned that data from its information systems had been exfiltrated, some of which may contain personal information. Upon initial detection of the unauthorized activity, the Company immediately took containment […]
A press release from the Securities and Exchange Commission (SEC): Washington D.C., May 22, 2024 — The Securities and Exchange Commission today announced that The Intercontinental Exchange, Inc. (ICE) agreed to pay a $10 million penalty to settle charges that it caused the failure of nine wholly-owned subsidiaries, including the New York Stock Exchange, to […]
The government is investing in helping to secure hospitals from ransomware attacks: Safeguarding protected health information is a top priority for the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR). OCR is sharing the following announcement of Advanced Research Projects Agency for Health (ARPA-H) on the launch of Universal PatchinG and Remediation […]
The following is a press release from the Securities and Exchange Commission: Washington D.C., May 16, 2024 — The Securities and Exchange Commission today announced the adoption of amendments to Regulation S-P to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal information by certain financial institutions. The amendments update the […]
BreachForums, a popular hacking forum where users can sell, leak, or share stolen data or information, was seized this week by the FBI, DOJ, and international partners. Because none of the governments have issued any press releases or statements yet, there is much that has yet to be confirmed or disconfirmed, but on Wednesday, a […]
