Helene Fouquet reports: France’s privacy watchdog said it’s investigating the leak of sensitive health data on half a million people and said the companies involved could face heavy penalties if they don’t come forward with details of the breaches. The leaks were of “particularly significant magnitude and severity,” the CNIL said in a statement. Hackers may have…
Category: Commentaries and Analyses
Ransomware attacks fuelled increase in data theft in 2020, says IBM Security
GRC World Forum reports: Ransomware attacks increased 20% in 2020 compared to the previous year, with “double-extortion” tactics used in 59% of cases, according to a report by IBM Security The 2021 X-Force Threat Intelligence Index also showed how criminals pivoted their attacks to businesses and organisations on which global Covid-19 response efforts relied, including hospitals, medical…
FDA Names First Acting Director of Medical Device Cybersecurity
Michael R. Bertoncini of JacksonLewis writes: The U.S. Food and Drug Administration (FDA) named University of Michigan Associate Professor Kevin Fu Acting Director of Medical Device Security in its Center for Devices and Radiological Health. This is a newly created 12-month post in which Fu will “work to bridge the gap between medicine and computer…
Lazarus targets defense industry with ThreatNeedle
Vyacheslav Kopeytsev and Seongsu Park write: We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking a closer look,…
Privacy Policy Ponderings
Matt Fisher writes: … Could a Privacy Policy be viewed as a contract of adhesion? First, that raises the question of what exactly is a contract of adhesion. It can be a standard form contract that is drafted by one party, often with more leverage, and presented to another party for acceptance without the opportunity…
Insider Cloud Data Theft Plagues Healthcare Sector
Phil Muncaster reports: Over a third (35%) of global healthcare organizations suffered cloud data theft by malicious insiders last year, according to data from Netwrix. The findings come from the security vendor’s 2021 Netwrix Cloud Data Security Report, based on interviews with 937 IT professionals around the world. It claimed that while insider theft was less…