David Krebs and Jacey Safnuk of Miller Thomson LLP write: … Data breach reporting obligations in Saskatchewan are influenced by a total of four relevant pieces of legislation, covering both public and private sectors. These laws will not all apply to every potential breach, of course, but it is crucial for organizations to understand that more…
Category: Non-U.S.
Unsecured Gearbest server exposes millions of shoppers and their orders
Zeljka Zorz reports: Chinese e-commerce giant Gearbest has exposed information and orders of millions of its customers through an unsecured Elasticsearch server, security researcher Noam Rotem and his team have found. According to Rotem, the server was not protected with a password and anyone could access it and search the data. Also, despite assurances from…
How Hackers Pulled Off a $20 Million Mexican Bank Heist
Lily Hay Newman reports: In January 2018 a group of hackers, now thought to be working for the North Korean state-sponsored group Lazarus, attempted to steal $110 million from the Mexican commercial bank Bancomext. That effort failed. But just a few months later, a smaller yet still elaborate series of attacks allowed hackers to siphon…
Mt Gox Bitcoin exchange’s Karpeles avoids jail time in Japan
Yuri Kageyama reports: Mark Karpeles, who headed Mt. Gox, a Tokyo-based bitcoin exchange that went bankrupt after a massive hacking, was found guilty Friday of manipulating electronic data but cleared of embezzlement and breach of trust charges. The Tokyo District Court handed down a prison sentence of two years and six months, suspended for four…
Privacy breach leads to embarassing award for Nova Scotia
As a follow-up to a Nova Scotia privacy breach previously noted on this site, The Chronicle Herald has an update with a government and police smackdown by EFF. Aaron Beswick explains: The Nova Scotia government received a cyber-security award this week. But it wasn’t a good one. The Electronic Frontier Foundation, an online non-profit group…
Chinese Government Officials Face Ransomware Attack
Samuel Haig reports: A statement issued by a Chinese provincial government website has announced that the National Network and Information Security Information Center has identified overseas hackers targeting the websites of government departments with emails containing ransomware. The ransomware was delivered via an email containing the subject line: “You must report to the police at…