Who would have thought that criminals might lie? Where’s my shocked face? Bill Toulas reports on findings from a survey by Venafi. Here is some of what they found: 83% of all ransomware victims who paid the requested amount were extorted again, twice, or even three times. 18% of victims who paid the ransom still…
Category: Commentaries and Analyses
CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure
HHS Cybersecurity Program has issued an Alert (TLP: WHITE). Executive Summary Malicious actors use influence operations, including tactics like misinformation, disinformation, and malinformation (MDM), to shape public opinion, undermine trust, amplify division, and sow discord. Foreign actors engage in these actions to bias the development of policy and undermine the security of the U.S. and…
New study reveals the most expensive academic data breaches
Serena Haththotuwa reports: A new study has calculated the most expensive data breaches over the past two years. The research, which was conducted by Surfshark, shows the cost of data hacks for businesses across 11 sectors including the academic, tech, government, retail and finance industries. Surfshark’s list of most expensive data breaches is based on…
Personal info leaks from listed Japan firms hit record high in 2021
Kyodo News reports: The number of personal information leaks from companies listed on Japanese stock exchanges, as well as their subsidiaries, rose by 30 percent in 2021 from the previous year to a record 137 cases, according to a corporate research agency. Tokyo Shoko Research said in a report that over 50 percent or 68…
Potential Board Liability for Cybersecurity Failures Under Caremark Law
Having trouble getting support for security efforts? Maybe show this one to the board of directors. Leah Rizkallah reports: Cybersecurity is now among the most critical risk-areas for companies across industries, and boards of directors must be vigilant in overseeing their companies’ cybersecurity efforts. Failing to do so not only increases risks for the company,…
One year later, Minimally Invasive Surgery of Hawaii notifies patients of ransomware incident
A notification letter template that showed up on the California Attorney General’s site this week is dated “February 19, 2021.” I assume the 2021 is a typo based on the rest of the letter. The letter from Orthopedic Associates of Hawaii (OAH) begins (emphasis added by this site): Orthopedic Associates of Hawaii, All Access Ortho…