I don’t know how he finds the energy to do it, but Marco A. DeFelice (@amvinfe on Twitter) continues to track disclosures involving Blackbaud’s ransomware incident of 2020. He has organized his tabulations by whether the entities are hospitals or educational facitlities, etc. Today he has provided another update to the education sector, in which…
Author: Dissent
Update: BioTel Heart notifies patients of vendor leak. Did vendor fail to notify them?
A cardiac monitoring firm is now notifying patients after a Google search on their name in January led them to an August, 2020 report on this site about a vendor’s leak. But why didn’t they know about it already from the vendor last year or from the notifications this site had sent them last year?…
Booking.com hit with €475K penalty for failing to report a breach within 72 hours
Politico reports: Hotel booking site Booking.com got hit with a €475,000 fine for being late to report a data breach, the company’s lead EU privacy regulator announced Wednesday. The fine, imposed by the Dutch data protection authority because the company is legally established in Amsterdam, came after criminals stole the personal data of more than…
GA: Cyberattack on Cobb schools enabled by contractor’s weak password, police say
Kristal Dixon reports: An attack on the Cobb County School District’s crisis management system that forced all schools into lockdown last month happened because of a weak password, according the police. The password was not created by a school district employee, but a worker with the AlertPoint security system used by the district, police said….
Iranian cyberspies target professionals at medical research organizations in the US, Israel
Catalin Cimpanu reports: Hackers linked to Iran have targeted 25 senior professionals at various medical research organizations located in the US and Israel as part of a weeks-long phishing campaign, email security firm Proofpoint revealed today. The attacks are part of a long series of attacks that have repeatedly and increasingly targeted medical and pharmaceutical…
Ransomware: A Perfect Storm
Ransomware: A Perfect Storm James Sullivan and James Muir Emerging Insights, 29 March 2021 This Emerging Insights paper calls for a new set of policy interventions to reduce the threat from ransomware. Options range from introducing legislation to prevent ransom payments, to tackling the use of penetration testing tools used in ransomware attacks, to national-level mechanisms…