George Stockburger reports: The Pennsylvania House State Government Committee has sent to the full House of Representatives for consideration Sen. Dan Laughlin’s legislation that would require state agencies to notify victims of a data breach within one week. Under Senate Bill 696, any state agency, county, municipality, public school or third-party vendor that conducts business with…
Author: Dissent
‘Too Much’ Data Breach Disclosure May Risk Additional Cyber Vulnerabilities
Isha Marathe reports: Even before Russia’s invasion of Ukraine, cyberattacks had been on the rise, leading to provisions from regulatory bodies such as the mandatory disclosures of incidents to protect investors and alert other businesses alike. Now, some attorneys and cybersecurity experts are asking if forced reporting of breaches and attacks at the level of detail that the U.S….
Baptist Medical Center and Resolute Health Hospital notifying patients after malware attack snagged patient data
Baptist Medical Center in San Antonio and Resolute Health Hospital in New Braunfels have disclosed a cyberattack involving unspecified malicious code that infected their system. According to statements made by IDX on their behalf, an unauthorized party accessed and exfiltrated data from their network between March 31, 2022 and April 24. The attack was first…
Sg: PDPC issues monetary penalty in the matter of the Vhive cyberattack
One of the many hacks this site reported on in 2021 was the attack on Vhive in Singapore by threat actors calling themselves ALTDOS. The attack resulted in what the threat actors claimed was hundreds of thousands of the furniture retailers’ customers having their personal information leaked when the firm refused to pay the attackers’…
Confidential Record Leak Leaves CalBar, Lawyers, Clients Exposed
David McAfee reports: California’s state bar association, which is responsible for licensing and regulating more than 250,000 lawyers in the most populous US state, is itself under scrutiny for a data leak that allowed confidential client complaint and attorney disciplinary record data to be captured by a free court records website. As many as 322,500…
Cloudflare Thwarted Largest Ever HTTPS DDoS Attack
The DDoS attack originated from 121 countries and was powered by a small botnet of only 5,067 hacked IoT devices. Debra Ahmed reports: Cloudflare has reported stopping a record-breaking HTTPS DDoS attack (distributed denial of service attack) this month. The company claims this attack peaked at 26 million requests per second (RPS), making it the largest ever…