James Coker reports: The Australian government has introduced the country’s first standalone cybersecurity law to Parliament. The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment. The Cyber Security Bill 2024 covers a range of areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure…
Category: Legislation
What to expect from the UK’s Cyber Security and Resilience Bill (and when)
Mark Young, Paul Maynard, and Tomos Griffiths of Covington and Burling write: The UK Government has announced that it intends to introduce the Cyber Security and Resilience Bill (the “Bill”) to Parliament in 2025. Formally proposed as part of the King’s Speech in July, this Bill is intended to strengthen the UK’s cross-sectoral cyber security legislation to better protect…
Meta fined $101.5M for 2019 breach that exposed hundreds of millions of Facebook passwords
Natasha Lomas reports: Reset your clocks: Meta has been hit with yet another privacy penalty in Europe. On Friday, Ireland’s Data Protection Commission (DPC) announced a reprimand and a €91 million fine — around $101.5M USD at current exchange rates — after concluding a multi-year investigation into a 2019 security breach by Facebook’s parent company. […]…
Senate bill pushes cyber mandates for medical industry in wake of Change Healthcare debacle
Jonathan Greig reports: Hospitals and other healthcare businesses would be required to adopt minimum cybersecurity standards and face annual audits under new legislation introduced by two prominent senators on Thursday. The Health Infrastructure Security and Accountability Act, announced by Sens. Ron Wyden (D-OR) and Mark Warner (D-VA), would provide $1.3 billion for the Department of…
Websites exposing Aadhaar and PAN details blocked by India’s MeitY
Mint reports: The Government of India has blocked several websites that were found to be exposing sensitive personal information, including Aadhaar and PAN card details of Indian citizens. This action was taken by the Ministry of Electronics and Information Technology (MeitY). The Unique Identification Authority of India (UIDAI) has also filed an official complaint with…
Silence may not be golden: Visiting Physicians Network still silent one year after alleged data breach?
In September 2023, DataBreaches reported on an alleged ransomware attack involving Visiting Physician’s Network in Texas. The report provided screenshots of data leaked on the Threeam gang’s leak site and noted that Visiting Physician’s Network did not respond to inquiries about the breach. It is now one year later. DataBreaches has found no substitute notice,…