Ambrose Li reports: The local arm of international charity Oxfam violated the data protection law following a leak in July that potentially affected 550,000 people, Hong Kong’s privacy watchdog ruled in an investigation report on Thursday. […] “The privacy commissioner considered that Oxfam had not taken all practicable steps to ensure that the personal data…
Category: Miscellaneous
Do-Over: “Pompompurin” to be Re-Sentenced
When the owner of the original BreachForums, Conor Fitzpatrick, aka “Pompompurin,” was sentenced in January of 2024 to time served plus 20 years supervised release with special conditions, it was a shock. Although young, Fitzpatrick had pleaded guilty to conspiracy to commit access device, access device fraud, and possession of child pornography. Based on federal…
The U.K. is considering prohibiting ransom payments. It’s a difficult issue.
How many times have the FBI and CISA urged entities NOT to pay ransom because it just encourages the attackers to attack more, while others suggest that a total ban would make things a lot worse? On January 14, the U.K. government opened a consultation, Ransomware legislative proposals: reducing payments to cyber criminals and increasing…
Symbol Will Indicate When Connected Devices Are Cyber Secure
Andrew Martin reports: Consumers may soon be able to buy electronic products with a label indicating they are “cyber secure,” according to US officials. The White House on Tuesday announced the launch of a new US Cyber Trust Mark, indicating designated items follow best practices to avoid possible hacks. Products with the cyber mark are…
Ohio state auditor issued guidance on email scams in April; employees might be liable if they fall for a scam
Corinne Colbert reports: The Ohio Auditor of State’s office issued a bulletin this past spring with guidance on detecting and avoiding payment redirect scams — and warned that public employees who failed to follow that guidance could be held accountable. That could have ramifications for whoever in Athens city government is determined to be responsible…
LastPass breach comes back to haunt users as hackers steal $12 million in two days
Solomon Klappholz reports: A major data breach at password manager firm LastPass in 2022 is still causing mayhem two years later, with cyber criminals using stolen information to carry out further attacks. According to data collated by crypto investigator ZachXBT, hackers stole $12.38 million in cryptocurrency from LastPass users on 16 and 17 December. The attackers drained…