While New South Wales’ new COVID outbreak is causing problems, it has other problems as well. On July 9, GRC World Forums reported: The New South Wales (NSW) department of education in Australia has deactivated some internal systems after becoming the victim of a cyber-attack. The timing has created considerable challenges for staff as they…
Category: Business Sector
Mint Mobile hit by a data breach after numbers ported, data accessed
Lawrence Abrams reports: Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers’ account information and ported phone numbers to another carrier. According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a…
Kroger reaches $5M settlement with Accellion breach victims, as Supreme Court defines ‘actual harm’
Jessica Davis reports: Kroger reached a $5 million lawsuit settlement with individuals impacted by a breach reported in February. The settlement was the third legal action tied to a health care data breach this week, shedding light on the rise in breach-related lawsuit trends in the sector in the last few years. Read more on…
New York Department of Financial Services Announces a $1.8 Million Settlement with Two Life Insurers for Data Breach Violations
Zachary Dyer, Steven Imber, Justin Liby, and Jennifer Osborn Nix of Polsinelli write: The New York Department of Financial Services (“NYDFS”) recently announced that it has entered into a Consent Order with two affiliated life insurers for alleged violations of New York’s Cybersecurity Regulation (the “NY Cybersecurity Regulation”). The NYDFS conducted an investigation and determined…
Insurance giant CNA reports data breach after ransomware attack
Sergiu Gatlan reports: CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. […] “The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021,” CNA said…
Sg: Spooked by website hacking, ad firm beefs up security, stops using default passwords
Kenny Chee reports: A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions‘ website and deface it. The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security…