Looks like I missed this announcement from the Office of the Information and Privacy Commissioner of Alberta on January 19: An Edmonton-based pharmacist received a $5,000 fine, plus a $1,000 victim fine surcharge, on Friday, Jan. 15 for using health information in contravention of the Health Information Act (HIA). Stanislaus Soosai accessed and used the health information…
Month: January 2021
Hezbollah’s cyber unit hacked into telecoms and ISPs
Catalin Cimpanu reports: A Hezbollah-affiliated threat actor known as Lebanese Cedar has been linked to intrusions at telco operators and internet service providers in the US, the UK, Israel, Egypt, Saudi Arabia, Lebanon, Jordan, the Palestinian Authority, and the UAE. The year-long hacking campaign started in early 2020 and was discovered by Israeli cyber-security firm…
Crypto Firm hacked for $1.4M reimburses users for stolen BTC and ETH
Varsha Saraogi reports: … In the past year, even established companies such as Twitter, Marriott International and SolarWinds were victims of laptop-wielding larcenists losing millions of resources and user data. Another such firm was Spain-based crypto trading firm 2gether where hackers stole roughly €1.2 m worth of cryptocurrency from its customers’ investment accounts. […] Now,…
Ca: Cyber security incident at Peel District School Board causes system outage
City News reports: Peel District School Board says it’s in the process of getting back to normal operations after a cyber security incident on January 26th that resulted in the encryption of files and systems. Releasing a statement on Twitter Thursday evening, the PDSB says there’s no reason to believe any personal or sensitive information…
Australian government ordered to pay 1,300 asylum seekers whose details were exposed
Christopher Knaus reports an update to a breach that occurred in 2014 — a breach that resulted in entities in numerous countries downloading asylum seekers’ information. The Australian government has been ordered to compensate almost 1,300 asylum seekers whose details were mistakenly exposed online in one of the country’s most shocking privacy breaches. After almost…
Nefilim Ransomware Attack Uses “Ghost” Credentials
Dan Kobialka reports: Sophos researchers have discovered a Nefilim ransomware attack in which an unmonitored account belonging to a deceased employee was used to infiltrate more than 100 systems. During the cyberattack, a Nefilim threat actor exploited vulnerable Citrix software, Sophos indicated. The actor gained access to the Citrix admin account and stole the credentials for a domain…