Helen Hernandez reports: The personal data of nearly 10,000 employees of the CHU de Québec were stolen during a burglary that occurred on the night of June 5 to 6. The criminals broke into the premises of the CHU de Québec Research Center and seized computer equipment containing employee files. 9,500 former and current workers…
Category: Non-U.S.
New Canadian cybersecurity bill to require mandatory reporting of ransomware, other attacks
Jim Bronskill reports: Businesses and other private-sector organizations would be required to report ransomware incidents and other cyberattacks to the government under a federal bill to be tabled today. The legislation is intended to flesh out Liberal government efforts to protect critical infrastructure following last month’s announcement that Chinese vendors Huawei Technologies and ZTE will be banned from Canada’s…
India’s farmers exposed by new Aadhaar data leak
Zack Whittaker reports: A security researcher said an Indian government website was exposing the Aadhaar numbers of India’s farmers, potentially amounting to millions of people. Atul Nair told TechCrunch that he found a part of Pradhan Mantri Kisan Samman Nidhi website that was revealing the farmers’ information. PM-Kisan, as the agency is better known, is an…
More details emerge on Palermo ransomware attack — threat actors claim 350 GB stolen and 70% of files encrypted
Last week, the municipality of Palermo, Italy issued a statement that it had shut down systems in response to a cyberattack and that all services had been impacted. The Vice Society ransomware group subsequently claimed responsibility for the attack by adding Palermo to their list of “partners” on their dark web leak site. As DataBreaches.net…
Shoprite Group issues warning on ‘suspected data compromise’ (UPDATED)
TimesLive reports: The Shoprite Group said on Friday evening it had become aware of a suspected data compromise, including names and ID numbers, which may affect some customers who engaged in money transfers to and within Eswatini and within Namibia and Zambia. “Affected customers will receive an SMS to the cell number supplied at the…
Defensive Cyber Attacks Declared Legal by UK AG, Path Cleared to “Hack Back” When Critical Infrastructure & Services Attacked
Scott Ikeda reports: The Attorney General of the United Kingdom has declared the country can make use of defensive cyber attacks when “key services” (such as critical infrastructure and banks) are struck by foreign threat actors. The country is taking a formal position on extending international law to the digital realm, something that nations have…