In 2014, Nuance Communications discovered that anyone could access protected health information on one of its platforms. After the situation persisted for years, a former employee decided to submit a whistleblower complaint to HHS. For his efforts, he spent more than one year fending off threatened federal hacking charges, even though no hacking was involved….
Category: Commentaries and Analyses
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web
Seen on Resecurity’s blog: a reminder that our current defenses fall rapidly as nimble criminals find a work-around and that some developments enable second-tier or less sophisticated attackers to punch above their weight: Following the recent Twilio hack leading to the leakage of 2FA (OTP) codes, cybercriminals continue to upgrade their attack arsenal to orchestrate…
SGF Urges Need To Curb Data Breaches In Nigeria
Jacob Segun Olatunji reports: The Secretary to the Government of the Federation, Boss Mustapha, has urged the need to curb the menace of data breaches in the country. He made the call when the National Commissioner of Nigeria Data Protection Bureau (NDPB), Dr Vincent Olatunji, led some staff of the Bureau on a visit to…
Bits ‘n Pieces (Trozos y Piezas)
Argentina: More than 14,000 Reports Last Year Between April 2020 and March 2021, the Specialized Cybercrime Prosecution Unit registered 14,583 reports of cases associated with cybercrime, a 465% increase over the previous year. The #DatosEnFuga project attempts to improve security and data protection. It is an initiative of the organizations Democracia en Red, Fundación Vía Libre…
‘I think Indonesia’s cybersecurity is run by 14-year olds’: Hackers
In July, DataBreaches published a piece highlighting the increasing number of breaches and leaks affecting Indonesians showing up on marketplaces where personal data is shared or sold. “Growing risk to Indonesian citizens’ privacy as breaches and leaks appear on marketplaces” included several recent examples found on the popular forum, Breached.to (Breach Forums). Now a new…
Norwegian parliament fined
From the Norwegian Data Protection Authority: The Norwegian parliament – the Storting – had a data breach in late 2020. In January, the Data Protection Authority gave notice of a NOK 2 million fine for inadequate security. We have now considered the Storting’s comments and decided to maintain the fine. Norwegian parliament fined “Our conclusion…