Sometimes, 2+2 does not = 4, it seems. When employees falling for phishing attempts represent one of the two biggest preludes to a ransomware attack, why are 28% of IT leaders in a recent survey more concerned about malicious insiders than human error? Why are only 21% of those surveyed most concerned about human error?…
Category: Commentaries and Analyses
Is REvil really gone? Lots of speculation, no confirmation of anything yet.
The “Happy Blog” leak site belonging to the Sodinokibi threat actors known as “REvil” (“Are Evil”) is offline, and their spokesperson “Unknown” has been silent for a few days. Lawrence Abrams of Bleeping Computer says all of REvil’s sites are down, including the payment site. So have they folded? REvil’s “Unknown” consistently said they would…
Follow-up: Forensic audit didn’t reveal any unauthorized access to customer data: Mobikwik
Mint reports: Payments firm One Mobikwik Systems Ltd on Monday, in its draft IPO prospectus, said that a forensic audit conducted by an independent expert did not reveal any unauthorized access to its customer database in March. The alleged data breach came to light in March after unknown actors claimed they were selling Mobikwik’s data on the…
China’s Shenzhen City Enacted Regional Data Regulation
Manuel Torres and Zhang, Dun of Garrigues write: Shenzhen, the leading financial and production center for China and home of many Chinese internet and tech giants such as Huawei, Tencent and DJI, enacted its regional data protection law, ‘Data Regulation of the Shenzhen Special Economic Zone’ (Shenzhen Data Regulation) on June 29, 2021. Shenzhen Data…
Healthcare Under Attack
Health law attorney Matthew Fisher writes: Not a day can go by anymore without a report of at least one data breach (and likely more) or a cyber attack on a healthcare organization. The pace of attacks seemed to increase as the world shutdown in from COVID-19 and security concerns have only continued to increase….
New York Department of Financial Services Announces a $1.8 Million Settlement with Two Life Insurers for Data Breach Violations
Zachary Dyer, Steven Imber, Justin Liby, and Jennifer Osborn Nix of Polsinelli write: The New York Department of Financial Services (“NYDFS”) recently announced that it has entered into a Consent Order with two affiliated life insurers for alleged violations of New York’s Cybersecurity Regulation (the “NY Cybersecurity Regulation”). The NYDFS conducted an investigation and determined…