ES: HLA Grupo Hospitalario data listed for sale after web server misconfiguration On March 14, a forum user on BreachForums listed data from the HLA Grupo Hospitalario in Spain for sale. The listing advertised 45,000 patient records and information on 1,600 doctors, with samples provided of each. HLA Grupo Hospitalario is owned by Asisa, which…
Category: Business Sector
Monetary Authority of Singapore Sets Out Revised Expectations for Notification of Data Breaches by Licensed Insurers
Rajesh Sreenivasan, Steve Tan, Benjamin Cheong, Lionel Tan, Tanya Tang, Wong Onn Chee, Simon Goh, and Wang Ying Shuang of Rajah & Tann Asia write: On 22 February 2023, the Monetary Authority of Singapore (“MAS“) issued Circular No. ID 03/23 – Notification of Data Breaches to the Monetary Authority of Singapore (“Circular 03/23“). Circular 03/23…
Shopee, Carousell most popular platforms used by phishing scammers
CNA reports: Taipei, March 12 (CNA) Shopee and Carousell, two online marketplaces based in Singapore, have been the two C2C platforms on which customers were most likely to fall victim to phishing scams in Taiwan over the past five weeks, the Criminal Investigation Bureau (CIB) said Sunday. After analyzing information reported by the public on…
NY Attorney General James Continues Crackdown on Unregistered Cryptocurrency Platforms
If you’re a cryptocurrency platform doing business in New York but are not registered with the state, Attorney General James will be coming after you. NEW YORK – New York Attorney General Letitia James today continued her efforts to crack down on unregistered cryptocurrency platforms by filing a lawsuit against KuCoin for failing to register…
SEC Charges Software Company Blackbaud Inc. for Misleading Disclosures About Ransomware Attack That Impacted Charitable Donors
Washington D.C., March 9, 2023 — The Securities and Exchange Commission today announced that Blackbaud Inc., a South Carolina-based public company that provides donor data management software to non-profit organizations, agreed to pay $3 million to settle charges for making misleading disclosures about a 2020 ransomware attack that impacted more than 13,000 customers. The SEC’s…
PDPC penalizes Eatigo over data protection failures leading to 2020 breach
On October 31, 2020, Eatigo reported a data breach of customer data and that the data had been put up for sale on a popular forum. The Personal Data Protection Commission investigated and found that: the personal data for sale on the online forum did not match any current databases in use by the Organisation…