On April 20, DataBreaches reported claims that a security researcher had been scared away after threat actors allegedly obtained his details from Twitter by using a fraudulent Emergency Data Request. Twitter has yet to respond to numerous inquiries from the media as to whether that actually happened, but there is no doubt that fake law…
Category: Commentaries and Analyses
Over 300,000 Internet-Exposed Databases Identified in 2021
Ionut Arghire reports: Cybersecurity firm Group-IB identified more than 91,000 publicly-exposed databases in the first quarter of 2022, significantly more than in the previous year. In 2021, the firm discovered a total of 308,000 exposed databases, with more than 165,000 of them found in the second half of the year. Most of the exposed databases use…
ARcare reports breach; Smile Brands updates its disclosure to 2.6 million affected
Two reports that I have been reading today: ARcare ARcare in Arkansas is notifying people whose personal and/or medical information may have been accessed or acquired in a malware incident. The malware enabled an unauthorized actor to access or acquire data between January 18, 2022 and February 24, 2022. The types of information involved included…
Health data leak: 1.5 million euro fine against Dedalus Biologie
Seen at Osborne Clark: Following a massive health data leak disclosed in the press concerning nearly 500,000 persons in February 2021, the French Authority for Data Protection (CNIL) has fined (fr) the company Dedalus Biologie 1.5 million euros mainly for failure to comply with its data security obligation. Dedalus Biologie is an application software editor…
Iran says it thwarted largescale cyberattack on country’s infrastructure
The Jerusalem Post reports: The Iranian “AFTA” presidential strategic management center thwarted a widespread cyber attack on the country’s infrastructure in recent days, according to Iranian state TV IRIB. According to AFTA, the cyberattackers planned to exploit a security gap in one of the softwares most widely used by infrastructure organizations in Iran. The center…
Ransomware attacks are hitting universities hard, and they are feeling the pressure
Danny Palmer reports: Schools and universities are facing an unprecedented level of ransomware attacks as incidents continue to severely impact the education sector. The warning comes from Jisc, a not-for-profit organisation that provides network and IT services to higher education and research institutions. Jisc’s ‘Cyber Impact 2022’ report suggests there’s an increased threat of ransomware attacks against education. Read…