AirAsia Group* pledges to be responsible when gathering personal information and to protect privacy “in every possible way.” That’s not a contract, mind you, but just an expression of their commitment. On November 11 and 12, AirAsia Group fell victim to a ransomware attack by Daixin Team. The threat actors, who were the topic of…
Author: Dissent
No sign patient information leaked; Interdev platform for Canadian paramedic agencies taken offline
Brendan Burke of The Peterborough Examiner reports: There’s nothing to suggest patients’ confidential information has been compromised after a cybersecurity incident forced Peterborough County-City Paramedics’ data collecting software system to be shut down earlier this week, says Chief Randy Mellow. “There’s absolutely no evidence that this incident has caused any medical or personal information to…
Indian govt Govt plans penalty of up to Rs 500 crore for data breach
Pankaj Doval reports: The government on Friday released the draft personal data protection bill, seeking to provide a framework for a strict user-consent regime for data processing, along with a penalty of up to Rs 500 crore for data breaches by social media and net companies while offering concessions to tech firms. Read more about…
Gateway Rehab issues notice about June ransomware incident
On July 8, DataBreaches reported that Gateway Rehab in Pennsylvania had apparently become the victim of a ransomware attack by Blackbyte. DataBreaches’s report included redacted screenshots of files sensitive protected health information that had been leaked on the threat actors’ leak site. Gateway had not responded to inquiries from this site nor posted any notice on…
San Gorgonio Memorial Hospital Back Online After Malware Attack
Toni McAllister reports: A six-day shutdown of electronic health records at San Gorgonio Memorial Hospital was due to a malware attack that remains under investigation by a team of forensics professionals, according to SGMH CEO Steve Barron. The attack occurred Nov. 10 and all systems at the 600 N. Highland Springs Avenue campus were back…
FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule
Hunton Andrews Kurth writes: On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information. The new deadline is June 9, 2023. The FTC announced updates to…