Ashden Fein, Micaela McMurrough, Caleb Skeath, and Matthew Harden of Covington & Burling write: On March 3, 2023, the United States Environmental Protection Agency (“EPA”) published a memorandum requiring states to evaluate the cybersecurity of operational technology used by public water systems (“PWSs”) “when conducting PWS sanitary surveys or through other state programs.” EPA’s memorandum “interprets the…
Category: Commentaries and Analyses
PDPC penalizes Eatigo over data protection failures leading to 2020 breach
On October 31, 2020, Eatigo reported a data breach of customer data and that the data had been put up for sale on a popular forum. The Personal Data Protection Commission investigated and found that: the personal data for sale on the online forum did not match any current databases in use by the Organisation…
Co-Working for the Ransomware Age: How Hive Thrived
Mathew J. Schwartz reports on how Hive blossomed as a business enterprise by co-working, or incorporating smaller victims and teams from Conti. Read his report with insights provided by Yelisey Bohuslavskiy, chief research officer at New York-based threat intelligence firm Red Sense. It makes for a fascinating read.
After newest data leak, lawyers say time for Putrajaya to give up PDPA immunity
R. Loheswar reports: Continued breaches exposing Malaysians’ private information at government agencies meant the Personal Data Protection Act (PDPA) should be amended to finally make these accountable, said legal experts. In its current form, the PDPA only covers commercial entities and transactions, exempting both the federal and state governments from its rules and principles, including…
Council of Granada database was sold by hacker. Should anyone be concerned?
The Council of Granada is a public entity providing direct services to citizens as well as technical, economic, and technological support to the city councils of the municipalities of the province of Granada, Spain. On December 29, 2022, the group known as “GhostSec” listed a Granada Council database at dipgra.es for sale, claiming they had…
ANOTHER Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data
Waqas reports: Acer Inc., a major global technology company based in Taiwan, is facing a potential data breach from a hacker going by the alias “Kernelware.” The hacker is claiming responsibility for a major data breach at Acer Inc., a leading multinational company based in Taiwan that designs and sells hardware and electronics products. According to…