An editorial in The Asahi Shimbun begins: A prolonged, systemic failure in data security management resulted in a 10-year leak of personal information in about 9 million cases stored at a subsidiary of Nippon Telegraph and Telephone West Corp. (NTT West). The leak reflects a significant lapse in the company’s protective measures and a stark…
Category: Commentaries and Analyses
Logs missing in 42% cyberattacks; small business most vulnerable: Report
Vasudha Mukherjee reports: Telemetry logs, which hold collection, transmission, and measurement of data, were found missing in 42 per cent of analysed cyberattacks, according to Sophos’ Active Adversary Report. Titled ‘The Active Adversary Report for Security Practitioners’, the report delves into incident response (IR) cases scrutinised by global cybersecurity firm Sophos. The report provides insights…
K-12 schools improve protection against online attacks, but many are vulnerable to ransomware gangs
Alanna Durkin Richer repeorts: Some K-12 public schools are racing to improve protection against the threat of online attacks, but lax cybersecurity means thousands of others are vulnerable to ransomware gangs that can steal confidential data and disrupt operations. Since a White House conference in August on ransomware threats, dozens of school districts have signed up for free…
Canadian Government Announces Data Breach, Urges Public Service Employees to Take Action
Stacey Scott reports: The federal government has issued a warning to current and former public service employees, as well as members of the RCMP and Canadian Armed Forces, regarding a recent data breach that took place on October 19th. Officials have identified two companies, Brookfield Global Relocation Services (BGRS) and SIRVA Worldwide Relocation & Moving…
Does claiming you were hacked when you had really just screwed up violate the FTC Act?
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures. Today, we post another example of why we need to legislate and enforce data breach notification laws that prohibit deceptive statements and mandate more disclosure when data has been leaked. This week,…
CEOs of Ontario hospitals hit by ransomware attack provide updates on impact and look for no ransom payment legislation
Jennifer LaGrassa reports: For the first time, top leadership from the five southwestern Ontario hospitals hit by a ransomware attack answered questions from the media — acknowledging the significant impact the incident has had on care, as well as the large amount of stolen data. During the roughly 50-minute meeting on Friday, each hospital CEO said their…