The “Happy Blog” leak site belonging to the Sodinokibi threat actors known as “REvil” (“Are Evil”) is offline, and their spokesperson “Unknown” has been silent for a few days. Lawrence Abrams of Bleeping Computer says all of REvil’s sites are down, including the payment site. So have they folded? REvil’s “Unknown” consistently said they would…
Category: Commentaries and Analyses
Follow-up: Forensic audit didn’t reveal any unauthorized access to customer data: Mobikwik
Mint reports: Payments firm One Mobikwik Systems Ltd on Monday, in its draft IPO prospectus, said that a forensic audit conducted by an independent expert did not reveal any unauthorized access to its customer database in March. The alleged data breach came to light in March after unknown actors claimed they were selling Mobikwik’s data on the…
China’s Shenzhen City Enacted Regional Data Regulation
Manuel Torres and Zhang, Dun of Garrigues write: Shenzhen, the leading financial and production center for China and home of many Chinese internet and tech giants such as Huawei, Tencent and DJI, enacted its regional data protection law, ‘Data Regulation of the Shenzhen Special Economic Zone’ (Shenzhen Data Regulation) on June 29, 2021. Shenzhen Data…
Healthcare Under Attack
Health law attorney Matthew Fisher writes: Not a day can go by anymore without a report of at least one data breach (and likely more) or a cyber attack on a healthcare organization. The pace of attacks seemed to increase as the world shutdown in from COVID-19 and security concerns have only continued to increase….
New York Department of Financial Services Announces a $1.8 Million Settlement with Two Life Insurers for Data Breach Violations
Zachary Dyer, Steven Imber, Justin Liby, and Jennifer Osborn Nix of Polsinelli write: The New York Department of Financial Services (“NYDFS”) recently announced that it has entered into a Consent Order with two affiliated life insurers for alleged violations of New York’s Cybersecurity Regulation (the “NY Cybersecurity Regulation”). The NYDFS conducted an investigation and determined…
UK: ICO fines transgender charity for data protection breach exposing sensitive personal data
Bigger companies may pay bigger fines, but smaller fines do not mean smaller impact when it comes to dealing with sensitive information, as in this case. The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure. The ICO’s investigation began after it received a…