Cybernews reports: More than 1.3 million files – stolen from Sony-owned Insomniac Games in last week’s ransomware attack – have now been leaked online by the Rhysida gang. Rhysida claimed the Insomniac hack of “exclusive, unique, and impressive data” on its dark leak site December 11th. The stolen data was put up for auction with a […]
FastCompany reports: Providers of critical infrastructure in the United States are doing a sloppy job of defending against cyber intrusions, the National Security Council tells Fast Company, pointing to recent Iran-linked attacks on U.S. water utilities that exploited basic security lapses. The security council tells Fast Company it’s also aware of recent intrusions by hackers linked to China’s military at […]
Judgment of the Court in Case C-340/21 The Bulgarian National Revenue Agency (the NAP) is attached to the Bulgarian Minister for Finance. In particular, it is responsible for identifying, securing and recovering public debts. In this context, it is a personal data controller. On 15 July 2019, the media reported an intrusion into the NAP […]
FBI Offers Decryption Tool to Over 500 Victims Around the World, Additional Victims Encouraged to Come Forward The Justice Department announced today a disruption campaign against the Blackcat ransomware group — also known as ALPHV or Noberus — that has targeted the computer networks of more than 1,000 victims and caused harm around the world […]
While many ransomware groups claim there’s nothing personal in what they are doing and that it’s “just business,” there are some lines even criminals should never cross. Interfering with patient care when lives might be on the line if care is delayed or disrupted is one such line. Attempting to harass, threaten, or extort seriously […]
Commission to Expand Scope and Rule Requirements to Reflect Current Security Landscape WASHINGTON, December 13, 2023—The Federal Communications Commission today adopted rules to modify the Commission’s 16-year-old data breach notification rules to ensure that providers of telecommunications, interconnected Voice over Internet Protocol (VoIP), and telecommunications relay services (TRS) adequately safeguard sensitive customer information. Today’s action […]
Reuters reports: Ukraine’s biggest mobile network operator, Kyivstar, was hit on Tuesday by what appeared to be the biggest cyber attack of the war with Russia so far, knocking out mobile and internet services for millions. Kyivstar has 24.3 million mobile subscribers – more than half of Ukraine’s population – as well as over 1.1 […]
Dark Reading reports the findings of an Apple-commissioned study supports the adoption of end-to-end encryption to protect sensitive data from theft or misuse: In 2021 and 2022, data breaches exposed a staggering 2.6 billion personal records — some 1.5 billion of them last year alone. That number will likely be even higher in 2023 if […]
The Record reports: The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC). The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, […]
Looking Back at 2023 and Ahead to 2024
A small round-up of posts and analyses of the past year, and predictions for the year ahead. Looking Back at 2023: Data Breaches and Breach Laws Passed Washington State Attorney General Ferguson AG report: Data breaches decline for the second consecutive year, remain historically high List of Data Breaches and Cyber Attacks in 2023 2023 […]