While New South Wales’ new COVID outbreak is causing problems, it has other problems as well. On July 9, GRC World Forums reported: The New South Wales (NSW) department of education in Australia has deactivated some internal systems after becoming the victim of a cyber-attack. The timing has created considerable challenges for staff as they…
Category: Federal
People’s Republic of China Passes the Data Security Law: A Summary of What We Know
Kim Peretti, Lance Taubin, and Emily Poole of Alston & Bird write: On June 10, 2021, almost exactly three years after the passing of its Cybersecurity Law (CSL), the National People’s Congress of China passed a new Data Security Law (DSL) (click here for an unofficial English translation of the DSL), which goes into effect September 1, 2021. Where…
Bits ‘n Pieces
Aultman Health Foundation Notifying Patients of Insider-Wrongdoing The Ohio foundation is notifying approximately 7,000 patients that a former employee accessed their records without business need. HOYA Optical Labs of America Notifying Patients of Ransomware Incident As first reported by HealthITSecurity, the Japanese-headquartered firm notified 3,259 U.S. patients of a ransomware incident. The incident occurred in…
New Australian bill would force companies to disclose ransomware payments
Catalin Cimpanu reports: Australian lawmakers have filed on Monday a new bill that would mandate that local companies inform the Australian Cyber Security Centre (ACSC) of their intention to pay a ransomware gang. The Ransomware Payments Bill 2021 was put forward today by Tim Watts, Australia’s Shadow Assistant Minister for Cyber Security, and comes after Australian companies…
Do We Even Need the Computer Fraud & Abuse Act (CFAA)?–Van Buren v. US
Eric Goldman writes: Last week, the Supreme Court decided Van Buren v. US. Many hoped the decision would clarify how owners can delimit third-party usage of their computer resources for purposes of the Computer Fraud & Abuse Act (CFAA). Disappointingly, the court explicitly punted on that key question, though the decision probably will prompt lower…
South Africa lays down the law on cybercrime
Karen Allen writes: A new law brings South Africa up to international standards for fighting cybercrime. […] Together with the Protection of Personal Information (POPI) Act 2020, which will be in full effect after 30 June 2021, the new cyber law is a key part of South Africa’s armoury in the fight against cybercrime. […] In summary, cybercrime…