Danny Palmer reports: Ransomware attacks are getting more aggressive according to a senior figure at Europe’s law enforcement agency, but there are simple steps which organisations can follow to protect themselves – and their employees – from falling victim to attacks. […] However, Europol’s No More Ransom project is attempting to take the fight to cyber criminals…
Category: Commentaries and Analyses
Cyber Claim Trends Outlined in Coalition Report
Linn F. Freedman of Robinson & Cole writes: Cyber liability insurers are in a good position to provide insight into the types of cyber incidents that are hitting the industry. Coalition, a provider of cyber insurance globally, which “serves over 25,000 small and midsize organizations across every sector of the US and Canada,” issued its…
Legal misinterpretation to blame for delay in reporting Kentucky unemployment breach
Matthew Glowicki reports: An inspector general report has found there were “unacceptable” delays in reporting an April security breach of Kentucky’s unemployment system but that residents’ personal information doesn’t appear to have been misused. The report primarily blames the monthlong delay in reporting the breach on current legal staff who relied on a holdover procedure from the previous administration…
Are covered entities unnecessarily giving fundraisers PHI on patients?
I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…
Maze attackers adopt Ragnar Locker virtual machine technique
Andrew Brandt and Peter Mackenzie of Sophos report: While conducting an investigation into an attack in July in which the attackers repeatedly attempted to infect computers with Maze ransomware, analysts with Sophos’ Managed Threat Response (MTR) discovered that the attackers had adopted a technique pioneered by the threat actors behind Ragnar Locker earlier this year,…
Ca: Regina clinic failed to notify patients of privacy breach, says commissioner
Mark Melnychuk reports: An investigation by Saskatchewan’s privacy commissioner found that a Regina medical clinic did not notify patients when a doctor’s dictation machine containing personal health information went missing a year ago. According to the report filed on Sept. 15, Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski wrote that his office was notified…