Ionut Ilascu reports: The Lapsus$ data extortion group leaked today a huge collection of confidential data they claim to be from Samsung Electronics, the South Korean giant consumer electronics company. The leak comes less than a week after Lapsus$ released a 20GB document archive from 1TB of data stolen from Nvidia GPU designer. In a note posted…
Author: Dissent
PA: Fleetwood Area School District hit by ransomware
WFMZ reports: Officials at a school in Berks County said their computer systems were attacked by ransomware. Fleetwood Area School District Superintendent Greg Miller sent a letter to families and staff Friday afternoon informing them that technical difficulties experienced on Wednesday morning were the result of a ransomware attack. Read more at WFMZ.
Crossroads Health of Lake County discloses breach affecting former Beacon Health patients
It’s not a huge breach in terms of numbers compared to other breaches we’ve seen, but an incident reported by Crossroads Health in Ohio caught my eye because once again, it was old (legacy) data that was accessed and exfiltrated. In an undated statement on their website, Crossroads explains that an unauthorized party gained access…
The Puerto Rican Organization to Motivate, Enlighten, and Serve Addicts (PROMESA) discloses 2020 data breach
Is there anyone who thinks this timeline/delay to notification is just fine? On July 17, 2020, Acacia determined that an unauthorized person gained access to certain employee email accounts for a limited time between June 6, 2020 and June 12, 2020. Their investigation was inconclusive as to whether anyone accessed the emails and attachments in…
PA lawmaker wants state to review entire process that led to company’s contact tracing data breach
Rick Earle reports: A state lawmaker has requested the auditor general review the entire process that led to the awarding of that $30 million contract with Insight Global to do contact tracking in Pennsylvania. State Rep. Jason Ortitay, a Republican from Bridgeville, told Target 11 Investigator Rick Earle that this may be the only way…
NIS 2.0—the EU looks to bolster its cybersecurity laws
On 17 February 2022, the second-round of trilogue negotiations commenced between the EU’s institutions on the so-called ‘NIS2’ Directive, which intends to reform the EU’s current cybersecurity rules. Dan Whitehead of Hogan Lovells writes: NIS2 is intended to update the existing Directive 2016/1148 (the Network and Information Security Directive (NIS1)) which took effect in May…