There are two cases in South Korean news this week of note here today involving enforcement actions by South Korea’s Personal Information Protection Commission. One involves a travel agency, Modutour. The other involves a court decision about Meta’s data sharing. Modutour Network Fined by PIPC Yun Ye-won reports that Modutour Network, which neglected safety measures…
Category: Non-U.S.
Swiss critical sector faces new 24-hour cyberattack reporting rule
Bill Toulas reports: Switzerland’s National Cybersecurity Centre (NCSC) has announced a new reporting obligation for critical infrastructure organizations in the country, requiring them to report cyberattacks to the agency within 24 hours of their discovery. According to the NCSC announcement, this new requirement is introduced as a response to the increasing number of cybersecurity incidents…
Computers containing thousands of patients’ records stolen from Belfast hospital
Deborah McAleese reports: Twenty-eight computers containing the records of thousands of patients have been stolen from a Belfast Hospital, UTV can reveal. The computers were being used to train staff on the new encompass system, a digital healthcare record that is being rolled out across all health trusts. Belfast Health Trust said the missing appliances…
Taipei’s Mackay Memorial Hospital patient information allegedly sold online
Michael Nakhiengchanh reports: Taipei’s Mackay Memorial Hospital apologized Thursday to the public for an information leak caused by a cyberattack earlier this month. On Feb. 9, the hospital was hit by ransomware called “Crazy Hunter,” causing over 500 computers to crash and reportedly up to 32.5 GB of information stolen, per CNA. The leaked data allegedly includes personal…
NHS investigates API flaw that exposed patient data
Teiss reports: The National Health Service (NHS) is investigating claims that an application programming interface (API) vulnerability at private healthcare provider Medefer left patient data exposed. The issue, initially raised by an IT whistleblower, has prompted scrutiny from the NHS, which has stated it will take further action if necessary. Medefer, a virtual healthcare provider…
Black Basta exposed: A look at a cybercrime data leak and a key member, “Tramp”
Intel471 reports: On Feb. 11, 2025, a mysterious leaker going by the Telegram username ExploitWhispers released one year’s worth of internal communications between members of the Black Basta ransomware group on a Telegram channel. Black Basta is still active in a reduced capacity, but in 2022, it was the third most impactful ransomware group. Its members appeared to be experienced…