Recent decisions by the Data Protection Commissioner of Singapore include the following: Directions were issued to Crawfort Pte to conduct a security audit of its technical and administrative arrangements for its AWS S3 environment and rectify any security gaps identified in the audit report. This is pursuant to a data breach incident where Crawfort’s customer…
Category: Business Sector
DHS: Cyber Safety Review Board Releases Unprecedented Report of its Review into Log4j Vulnerabilities and Response
Report Includes 19 Specific Recommendations for Government and Industry WASHINGTON – Today, the U.S. Department of Homeland Security (DHS) released the Cyber Safety Review Board’s (CSRB) first report, which includes 19 actionable recommendations for government and industry. The recommendations from the CSRB – an unprecedented public-private initiative that brings together government and industry leaders to…
Hilton Garden Inn Cleveland Downtown warns of credit card data breach
Today’s reminder that malware on point-of-sale systems is still a thing. Danielle Cotterman reports: If you used a credit or debit card at Hilton Garden Inn Cleveland Downtown, you may want to double-check your bank statements. The hotel, located at 1100 Carnegie Avenue, is notifying customers that payment information may have been stolen from cards used…
200,000 Colorado Springs Utilities notified after unauthorized data access of subcontractor’s system
Ashley Eberhardt reports: Colorado Springs Utilities said in an email to customers that sensitive data stored by a subcontractor had been accessed by an “unauthorized party” in June. In the email sent out on Wednesday, Springs Utilities said they learned of the breach on July 6, and that the breach occurred on June 15, 2022….
Federal Court Dismisses Colonial Pipeline Cybersecurity Litigation
Kristin L. Bryan of Squire Patton Boggs writes: Recently a federal court dismissed cybersecurity litigation brought in the wake of the May 2021 Colonial Pipeline Ransomware attack. Ramon Dickerson et al. v. Colonial Pipeline Co. et al., No. 1:21-CV-02098 (N.D. Ga. Jun. 17, 2022). Based on the attenuated theories of liability Plaintiffs sought to advance in this…
Russian Ministry for Digital Development proposes turnover fines for data breaches
RAPSI News reports: The Ministry for Digital Development, Communications and Mass Media of the Russian Federation is preparing a bill on turnover-based fines for the personal data breach. This additional responsibility is to put business up to invest in the development of the information safety infrastructure and the personal data protection, a statement released on…