Aaron Nicodemus reports: The Securities and Exchange Commission (SEC) will require broker-dealers and registered investment advisers to adopt written policies and procedures for handling data breaches of customer data and notify affected customers within 30 days. On Thursday, the SEC approved amendments to Regulation S-P, known as the safeguards rule. The rule requires covered entities to…
Category: Business Sector
Post Millennial hack leaked data impacting 26 million people
Bill Toulas reports: Have I Been Pwned has added the information for 26,818,266 people whose data was leaked in a recent hack of The Post Millennial conservative news website. The Post Millennial is a conservative Canadian online news magazine belonging to the Human Events Media Group, which also operates the American ‘Human Events’ news platform. Earlier this month, both news…
Dell notifies customers of breach; seller “Menelik” is ShinyHunters (2)
On April 28, a new forum user on BreachForums called “Menelik” claimed to have 49 million Dell Technologies customer records for sale. The Daily Dark Web provided a screencap and details from the listing. The customer data purportedly includes data between 2017 and 2024, with “full names, addresses, cities, provinces, postal codes, countries, unique 7-digit…
Years later, Marriott admits data were not encrypted before its 2018 data breach. Now what?
What might happen to a company that has been making false claims about its system security for more than five years after experiencing a massive data breach? Will state attorneys general, the SEC, and the FTC investigate and possibly penalize them for a significant misrepresentation to consumers and regulators? CSO Online has a significant update…
Germany summons Russian envoy over Fancy Bears cyberattack
DW reports: Germany accused Russia’s military intelligence service, the GRU, on Friday of being behind a 2023 cyberattack that targeted the Social Democrats (SPD). NATO member Germany has been among the Western nations providing military support to Ukraine as it fights a Russian invasion and there have also been recent accusations of increased espionage. In June 2023, the SPD announced that cybercriminals had…
Former Cybersecurity Consultant Arrested For $1.5 Million Extortion Scheme Against IT Company
For those who would like a timely reminder about making sure you terminate access and take control of devices immediately when an employee or contractor terminates employment, consider this press release from the Southern District of New York on May 1. Damian Williams, the United States Attorney for the Southern District of New York, announced…