From PayBefore: The European Banking Authority (EBA) working with the European Central Bank (ECB) recently released a consultation paper on guidelines for payment service providers (PSPs) to follow in the event of security breaches. Among the suggested mandates is notifying authorities of an incident within two hours from the moment the breach is detected—that’s significantly faster than…
Month: December 2016
NJ family medicine practice notifying 4,277 patients after ransomware attack
Melissa Selke, MD, PC, a Family Medicine practice in New Jersey, issued a statement on December 2 concerning a hacking/ransomware incident. From the statement (.doc): On October 6, 2016, Dr. Selke discovered her information system had been infected with a virus that prohibited access to patient files. The integrity of the information system was immediately restored and…
Data enrichment records for 200 million people up for sale on the Darknet
Steve Ragan reports: Full data enrichment profiles for more than 200 million people have been placed up for sale on the Darknet. The person offering the files claims the data is from Experian, and is looking to get $600 for everything. Details of this incident came to Salted Hash via the secure drop at Peerlyst, where…
Facing a Data Breach Suit Without the Data Breach? ‘Scary.’
Roy Strom writes: Chieftains of corporate America have long feared the financial and reputational fallout from a hacking breach. But a class action suit unveiled against a law firm last week could add to their data security anxiety. The suit claims that companies and law firms should be held accountable for lax security measures even if their…
Boy, 17, who showed cyber criminals how to carry out a £42m attack on TalkTalk is given a 12 month rehabilitation order and has his phone confiscated
Thomas Burrows reports: A 17-year-old boy who hacked TalkTalk has been given a 12-month youth rehabilitation order and had his iPhone and computer hard drive confiscated for his role in the multi-million pound data breach. The boy, who was 16 at the time, used a software ‘hacking tool’ which uncovered the weakness before posting details…
Massive Australian Taxation Office data loss feared after Hewlett Packard Enterprise equipment crash
Fleur Anderson and Paul Smith report: The Australian Taxation Office has restored access to some of its online services, but concerns remain that large amounts of data have been lost after it suffered a “world-first” technical glitch to equipment from Hewlett Packard Enterprise more than 24 hours earlier. Tax officials were reportedly told to work…