Jessica Lyons Hardcastle reports: Public companies that suffer a computer crime likely to cause a “material” hit to an investor will soon face a four-day time limit to disclose the incident, according to rules approved today by the US Securities and Exchange Commission. The SEC proposed the changes last March, and on Wednesday the financial watchdog voted…
Author: Dissent
CardioComm, a provider of ECG monitoring devices, confirms cyberattack downed its services
Carly Page reports: CardioComm Solutions, a Canadian provider of consumer and professional-grade heart monitoring technologies, has been downed by an ongoing cybersecurity incident. The Toronto-based organization said on Tuesday that its business operations will be “impacted for several days and potentially longer” following a “cybersecurity incident on the Company’s servers.” At the time of writing,…
Recent NYS audits of K-12 school districts’ infosecurity
A toot by Doug Levin yesterday reminded me that I haven’t posted NYS Comptroller audits of school districts in a while. So here are three to get caught up: Jericho Union Free School District – Acceptable Use Policy (2022M-194) Issued Date: July 21, 2023 Audit Objective Determine whether Jericho Union Free School District (District) officials…
Leaking Someone’s Personal Data Will Cost You Up to $2 Million in Pakistan
ProPK reports: A fine which may extend to $2 million or an equivalent amount in Pakistani rupees would be levied on those who process or cause to be processed, disseminate, or disclose personal data in violation of any of the provisions of the “Personal Data Protection Bill, 2023”. The Ministry of Information, Technology and Telecommunication…
Deloitte denies Cl0p data breach claims in wake of MOVEit attack
Ross Kelly reports: Deloitte has refuted claims that the Cl0p ransomware gang has breached its systems and stolen company data amid speculation online. The accountancy firm was cited as a victim on Cl0p’s breach disclosure blog, sparking concerns that clients at the consultancy could be at risk. In its disclosure, Cl0p claimed “the company doesn’t…
Major Malaysian water utilities company hit by hackers; Ranhill offline; hackers claim databases and backups deleted
After a period of quiet, DESORDEN Group has re-emerged as a threat to Malaysian entities, and now, it seems, to providing drinkable water to Johor (see this post from 2021 for an overview of Ranhill Utilities Berhad in the environment sector and the role of AquaSmart). In a statement sent to DataBreaches this morning, DESORDEN writes:…