James Coker reports: The Australian government has introduced the country’s first standalone cybersecurity law to Parliament. The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment. The Cyber Security Bill 2024 covers a range of areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure…
Category: Of Note
Water supplier American Water Works says systems hacked
Kate Gibson reports: American Water Works — a supplier of drinking water and wastewater services to more than 14 million people — on Monday said hackers had breached its computer networks and systems, prompting it to pause billing to customers. The Camden, New Jersey-based utility became aware of the unauthorized activity on Thursday, and took…
HHS Office for Civil Rights Imposes a $240,000 Civil Monetary Penalty Against Providence Medical Institute in HIPAA Ransomware Cybersecurity Investigation
In April 20218, DataBreaches reported a ransomware incident in February 2018 that had affected 81,550 patients of the Center for Orthopaedic Specialists (COS) – Providence Medical Institute (PMI) in California. The entity’s notification at the time indicated that patients’ names, dates of birth, details about medical records, and Social Security numbers had been involved in the…
Did LockBit really delete your data if you paid them? Nope, and even the affiliates didn’t know that?!
No matter how many times law enforcement tried to caution people not to believe promises by criminals that they would delete stolen data if only you paid them, some victims still paid or will pay. Today, the NCA drove their point home more forcefully: As you know, we were able to fully compromise LockBit’s platform…
Former Epsilon Senior Executive and Sales Manager Both Sentenced for Selling Data on Millions of U.S. Consumers to Fraudsters
Here is yet another case that reminds us of the insider threat. In this case, the defendants misused Epsilon’s algorithms to predict and sell lists of consumers most likely to respond to fraudster’s schemes’ mailings. Epsilon settled its criminal liability via a deferred prosecution agreement to pay $150 million in penalties and victim compensation and…
FCC Reaches Multi-Million Dollar Settlement Of Investigations Into T-Mobile Data Breaches With Significant Improvements To Company’s Cybersecurity
WASHINGTON, September 30, 2024—The Federal Communications Commission today announced a groundbreaking data protection and cybersecurity settlement with T-Mobile to resolve the Enforcement Bureau’s investigations into significant data breaches that impacted millions of U.S. consumers. To settle the investigations, T-Mobile has agreed to important forward-looking commitments to address foundational security flaws, work to improve cyber hygiene,…