October 2023 marks the 20th anniversary of the effective date of the Gramm-Leach-Bliley Safeguards Rule. Its purpose then – and its purpose now – is to protect consumers by requiring entities covered by the Rule to “develop, implement, and maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer […]
Stock prices often fall after a major breach is announced. Many will rebound quickly, but not all do. Here is an example from this past week of a firm taking a significant stock hit shortly after a breach was announced. CNBC reports: Shares of cybersecurity firm Okta closed down 11.5% after the company said an unidentified hacking group had […]
An international group of law enforcement agencies have seized the dark web portal used by the Ragnar_Locker ransomware gang. The notice appeared today, and although there have been no press releases yet by either Interpol, Europol, or the FBI, TechCrunch was able to get confirmation from a spokesperson for Europol that information will be released […]
The same individual, “Golem,” who leaked DNA data from 23andMe on BreachForums has now leaked even more data. While the original leak was described as relating to Ashkenazi Jews, the newest leak of more than 4 million records was described as being users from Great Britain and Germany, including data from “the wealthiest people living […]
From a recent article on Reuters: Government regulators are seemingly as numerous as the stars nowadays, especially in the universe of data incidents. When organizations experience a data incident, they will need to quickly assess what happened, why it happened, and who (e.g., clients, consumers, vendors, employees) was affected. They will also need to chart […]
InfoTechLead reports that Accenture said on Thursday that the US Justice Department is investigating its unit, Accenture Federal Services, over allegations that one or more employees gave inaccurate information concerning the unit’s compliance with federal security controls. The disclosure was made in an SEC filing: After Accenture Federal Services (“AFS”) made a voluntary disclosure to the U.S. […]
PA Media reports that Equifax UK was fined over a breach at the firm’s U.S. owner, Equifax, Inc. The UK’s financial watchdog has fined Equifax £11 million for its role in one of the largest cyber attacks, which affected more than 13 million British consumers in 2017. The credit rating giant failed to keep its […]
Bloomberg reports that “Scattered Spider” may also be responsible for the recent attack on Clorox: A notorious group of hackers blamed for recent breaches on major casino companies is also suspected of being behind a recent cyberattack against Clorox Co. that has led to a nationwide shortage of its cleaning products. Officials suspect that “Scattered Spider” is […]
Another day, another RICO class action? Courthouse News reports: Taxpayers slapped Meta, Google and H&R Block with a sprawling RICO class action Wednesday, claiming that a “shocking breach” coordinated by the companies resulted in scraping taxpayers’ private information for profit. In a 49-page complaint, the plaintiffs say the international firm H&R Block used customers’ private income […]
2023 Ponemon Healthcare Cybersecurity Report
In its second annual Study on Cyber Insecurity in Healthcare, Proofpoint sponsored a Ponemon survey of 653 IT and IT security practitioners to find out how much progress the industry has made in the past year. Here are just a few highlights from this year’s report: You can access the full report on Proofpoint’s website.