Sri Lanka Mirror reports: All Government offices using the “gov.lk” email domain, including the Cabinet Office, have lost data from May 17 to August 26, 2023, after a massive ransomware attack, the Information and Communication Technology Agency (ICTA) has confirmed. The virus could have affected around 5,000 email addresses, ICTA CEO Mahesh Perera said, admitting…
Category: Hack
Russian man with Kremlin ties gets 9 years in US prison for hacking and insider trading scheme
Alanna Durkin Richer reports: A wealthy Russian businessman with ties to the Kremlin was sentenced Thursday to nine years in prison for his role in a nearly $100 million stock market cheating scheme that relied on secret earnings information stolen through the hacking of U.S. computer networks. Vladislav Klyushin, who ran a Moscow-based information technology company that…
An inexcusable gap from breach to notification, or an excusable one?
Some state and federal laws provide specific timeframes by which breached entities must provide notice to regulators and to those affected by a data breach. Unfortunately, loopholes abound, as we seen in statutory language such as Minnesota’s breach notification law, where for timing of notification, it says: “The disclosure must be made in the most…
Court certifies class action lawsuit against federal government over 2020 Canada Revenue Agency cyberattack
Mitchell Consky reports: The Federal Court of Canada has certified a class action lawsuit against the federal government, which alleges negligence in “safeguarding the confidential information of Canadians, leading to widespread privacy breaches.” The suit follows cyberattacks that targeted Canada Revenue Agency accounts and other government services back in 2020. Read more at CTV News.
Schneck Medical Center settles Indiana Attorney General’s lawsuit over 2021 data breach
Jackson County Schneck Memorial Hospital (Schneck Medical Center) was a victim of a cyberattack in 2021. Its 2021 and 2022 disclosures about the breach and its lack of timely breach notification resulted in a potential class action lawsuit filed in 2022. Its lack of appropriate and timely disclosures and information patients needed to protect themselves…
Rite Aid, one of many victims in MOVEit breach, sued for negligence
Rite Aid was one of numerous entities affected by the massive MOVEit breach. In July, they disclosed that 24,400 patients’ pharmacy information including medication names and dates of fill, prescriber information and limited insurance information was involved. They were notified by their vendor of the breach on May 31. Now it is reportedly being sued,…