Marco A. De Felice writes: According to various reports drawn up by analysts and journalists in the information security sector, ransomware-type attacks would be in sharp decline in 2022. A statement that we find in total disagreement. For SuspectFile, the number of victims in all sectors is instead comparable to those experienced in the previous…
Category: Commentaries and Analyses
Transparency International blasts Malaysian govt for apathetic reaction to data leaks
MalaysiaKini reports: Transparency International Malaysia (TI-M) has expressed deep concern over the recurring pattern of data leaks from Malaysian government agencies that are empowered and entrusted with personal data. “Media reports last week revealed that data from the voting portal MySPR was publicly on sale on the internet. It was also reported that the caretaker…
Disneyland Malware Team: It’s a Puny World After All
Brian Krebs reports: A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode, an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. The Disneyland Team uses common misspellings for top bank brands in its domains….
District of Massachusetts Dismisses Data Breach Class Action for Lack of Injury
Melanie A. Conroy of Pierce Atwood LLP writes: On October 18, 2022, in Webb v. Injured Workers Pharmacy, LLC, the District of Massachusetts dismissed a class action complaint brought by former pharmacy patients alleging that their sensitive personal information had been exposed in a data breach affecting more than 75,000 customers. In its analysis, the court determined that…
To Detail or Not: The Breach Notification Conundrum
Matt Fisher has a post on a topic near and dear to DataBreaches’ heart: how much detail to include in a brief notification. Matt covers the minimum requirements, as mandated by HIPAA, but then starts to consider more complex situations. He writes, in part: Without being able to cover every scenario or nuance, there are…
Medibank defends decision to not pay hackers ransom for stolen data as it contacts 480,000 customers
Nassim Khadem and Daniel Ziffer report: Medibank’s boss says the company will begin directly communicating with nearly half a million customers whose health data is believed to have been stolen, weeks after it first became aware hackers had breached its customer database. Medibank’s chief executive David Koczkar said the company had today started communicating with…