Commentaries and Analyses – Page 15

Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of ransomware attack

Posted on October 22, 2024 by Dissent

Sammy Heung reports: Hong Kong’s privacy watchdog has found a prominent sports club had been in breach of privacy regulations in the run-up to a large-scale leak involving about 72,000 members’ personal information. The Office of the Privacy Commissioner for Personal Data said on Tuesday that the South China Athletic Association (SCAA) had failed to…

2nd Settlement Triggered by 2017 Ransomware Attack Costs WA Practice $100K; ‘Not a Breach’

Posted on October 21, 2024October 21, 2024 by Dissent

DataBreaches recently posted a press release from HHS OCR that announced a settlement with Cascade Eye and Skin Centers following a ransomware investigation. Theresa Defino of Report on Patient Privacy (RPP) dug into the incident and investigation more, and her reporting services as a great reminder that HHS’s press releases frequently do not really answer…

The government is getting fed up with ransomware payments fueling endless cycle of cyberattacks

Posted on October 19, 2024 by Dissent

Barbara Booth reports: With ransomware attacks surging and 2024 on track to be one of the worst years on record, U.S. officials are seeking ways to counter the threat, in some cases, urging a new approach to ransom payments. Ann Neuberger, U.S. deputy national security adviser for cyber and emerging technologies, wrote in a recent Financial…

Double trouble: DoctorsToYou has not one, but two data security incidents to address

Posted on October 17, 2024 by Dissent

On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

Posted on October 17, 2024 by Dissent

From CISA, Alert Code: AA24-290A Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders…

Au: Banking giant HSBC loses battle against scam victim

Posted on October 15, 2024 by Dissent

So you hired someone to work for your firm and they turned out to be a sophisticated scammer who scammed your customers? And you think you shouldn’t be held liable for any money your customers lost in the scam? Well, if you’re in Australia, think again. Aisha Dow reports: Banking giant HSBC may have to…