Ertuğrul Can Canbolat LL.M., Baran Can Yildirim, LL.M. and S. İrem Akin of Actecon write: Article 12 of the Turkish Data Protection Law No. 6698 (“TurkishData Protection Law“) entitled “Obligations Regarding Data Security” deals with the obligations of the data controller. Article 12/1 of the Turkish Data Protection Law states the data controller shall take…
Category: Commentaries and Analyses
Privacy commissioner investigating security of patient health records at Alberta Health Services Social Sharing
Jennie Russell reports: Alberta’s privacy commissioner is investigating whether Alberta Health Services properly safeguards the public’s personal health information after CBC News revealed the electronic system housing it was vulnerable to outside security threats. A 2018 assessment by an external security firm found several “significant risks” with the health authority’s administration of the Alberta Netcare…
MalwareTech’s Judge Seems More Sympathetic to Hutchins about the Intent of Prosecution than the Law
emptywheel writes: JP Stadtmueller, the judge who will preside over MalwareTech (Marcus Hutchins’) case, last week denied his pretrial motions to get his post-arrest interview and all the charges of his indictment thrown out. So right, that’s not great news for Marcus, or even good news. But to get a better understanding of how the case is…
Reserve Bank of India warns of mobile data theft by ‘AnyDesk’ app
ENS Economic Bureau reports: Amid rising instances of fraud using the Unified Payment Interface (UPI) platform, the Reserve Bank of India has cautioned all banks and payment system operators about a new modus operandi allegedly used by scammers to target customer phones. In an alert dated February 14, the cyber security and IT examination cell…
Researchers Reveal Suspect Behind Collection #1 Mega Breach
Sir Julio reports: A U.S.-based cybersecurity firm, Recorded Future, alleges to have identified a hacker allegedly responsible for exposing stolen data in a recent leak dubbed Collection #1. Experts from Recorded Future’s threat intel team have claimed that the hacker goes by the pseudonym “C0rpz.” According to the company, multiple individuals came out claiming to serve as the source of the breached data. Read more on Dark Web News.
GandCrab ransomware gang infects customers of remote IT support firms
Catalin Cimpanu reports: Hackers have used a two-year-old vulnerability in a software package used by remote IT support firms to gain a foothold on vulnerable networks and deploy the GandCrab ransomware on those companies’ customer workstations. At least one company has been hit already, according to a report on Reddit, confirmed by cyber-security firm Huntress…