[Translation:] A document released on August 24 by the Japan Medical Association Policy Research Institute (Nichi-Isouken), which aims to plan medical policy, is causing controversy on SNS. Regarding contracts and responsibility sharing between medical institutions and system vendors, based on the “principle of good faith”, if the vendor’s risk explanation is insufficient, the medical institution…
Category: Business Sector
Medically-tailored food provider, PurFoods, discloses data breach
Jurgita Lapienytė reports: PurFoods, which positions itself as a provider of “tailored home-delivered meals,” has reported a data breach affecting over 1.2 million people. PurFoods (doing business as Mom’s Meals) filed a data breach report with the Maine Attorney General’s Office, stating that attackers acquired sensitive info such as name or other personal identifier, together…
Kroll Employee SIM-Swapped for Crypto Investor Data
Brian Krebs reports: Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications that fraudsters may already be exploiting the stolen data in phishing attacks. Cryptocurrency…
Cloud and hosting provider Leaseweb took down critical systems after a cyber attack
Pierluigi Paganini reports: Global hosting and cloud services provider Leaseweb has disabled some “critical” systems following a recent security breach. The company informed its customers that is now working on restoring these systems. According to a notice of incident sent to customers, on August 22, the company discovered “unusual” activity in some of its systems…
A Brazilian phone spyware was hacked and victims’ devices ‘deleted’ from server
Zack Whittaker reports: Portuguese-language spyware called WebDetetive has been used to compromise more than 76,000 Android phones in recent years across South America, largely in Brazil. WebDetetive is also the latest phone spyware company in recent months to have been hacked. In an undated note seen by TechCrunch, the unnamed hackers described how they found and…
Fourth Circuit Decision in Marriott Data Breach Case Kicks the Can Down the Road
Cindy Cohn of EFF writes: When a company that collected your personal data negligently fails to secure it, you should have accountability and relief—including standing to sue. EFF and our friends at Electronic Privacy Information Center filed an amicus brief in late November pointing this out to the U.S. Court of Appeals for the Fourth Circuit in…