Gemini Advisory reports: Gemini Advisory’s analysts uncovered a September 14, 2020 post on a Russian-language dark web forum by a cybercriminal group operating under the moniker “LockBit,” in which they advertised starting their own blog under the same name. LockBit is a Russian-language ransomware team, alongside “REvil”/”Sodinokibi” and “Maze,” that advertises its services on Russian-language dark web…
Category: Non-U.S.
UK: Over 18K COVID-19 Patients’ Data Mistakenly Exposed by NHS Trust
David Bisson reports: A National Health Service (NHS) Trust revealed that it had mistakenly uploaded the personal information of over 18,000 people who had previously tested positive for coronavirus 2019 (COVID-19). On September 14, Public Health Wales announced in a web statement that the data breach had occurred back on the afternoon of August 30, 2020. Read…
Gelderland Security Region Hit in Ransomware Attack
Janene Pieters reports: Veiligheidsregio Noord- en Oost-Gelderland (VNOG) was infected by ransomware over the weekend. The attack left the internal systems damaged. Some functionality is limited or not working at all. But the notification systems like P2000 and C2000, with which the security services communicate, are unaffected. Read more on NLtimes.nl. h/t, @Chum1ng0
Central Bank of Seychelles reports ransomware attack on Development Bank of Seychelles
From a Central Bank of Seychelles(CBS) press release of September 11, as first reported by Bleeping Computer: The Central Bank of Seychelles (CBS) has been informed of a ransomware attack on the network of the Development Bank of Seychelles (DBS). The incident was communicated to CBS on Wednesday 9 September 2020. Since then, CBS has…
Ca: Multiple Penalties Issued to Individual Convicted of Health Information Breaches
September 10 — A former medical clinic employee pleaded guilty on Wednesday, Sept. 2 to breaching the health information of several individuals in contravention of the Health Information Act (HIA). Olivia Franc was fined $6,000, given three years probation including not being able to access health information, and is required to complete 180 hours of community…
Singapore Says Grab’s Fourth Privacy Breach Is Concerning
Ameya Karve and Yoolim Lee report: Singapore’s privacy regulator imposed a S$10,000 ($7,311) penalty on ride-hailing company GrabCar Pte for a personal-data breach incident last year and raised the alarm on repeated violations by the unit of Grab Holdings Inc. In August 2019, an update of Grab’s mobile application exposed the personal data of more than…