From the Norwegian Data Protection Authority: The Norwegian parliament – the Storting – had a data breach in late 2020. In January, the Data Protection Authority gave notice of a NOK 2 million fine for inadequate security. We have now considered the Storting’s comments and decided to maintain the fine. Norwegian parliament fined “Our conclusion…
Category: Of Note
LabMD gets another shot at defamation claim against ‘extortionate’ infosec biz
Jessica Lyons Hardcastle reports: LabMD, the embattled and now defunct cancer-testing company, will get another chance at suing security firm Tiversa for defamation following an appeals court ruling. The testing laboratory has long alleged that: Tiversa illegally obtained a 1,178-page computer file containing confidential data on more than 9,000 LabMD patients back in 2008; lied…
HC3 Threat Profile: Evil Corp
The following is not a paragraph from a story about fictional cybercriminals called Evil Corp. The following paragraph is from a white paper released this week by the U.S. Department of Health & Human Services because there is a criminal enterprise known as Evil Corp that poses a serious threat to the healthcare sector. Typographical…
Insurers must rethink handling of cyber attacks on states
There have been a number of lawsuits addressing the issue of whether some cyberattacks should be excluded from cyberinsurance coverage as “acts of war.” Josephine Wolff, author of Cybersecurity Policy, writes: The invasion of Ukraine earlier this year drew considerable global attention to the possibility that Russia might combine its physical attacks on the country…
New Golang Ransomware Agenda Customizes Attacks
Mohamed Fahmy, Nathaniel Gregory Ragasa, Earle Maui Earnshaw, Bahaa Yamany, Jeffrey Francis Bonaobra, and Jay Yaneza write: We recently discovered a new piece of targeted ransomware that was created in the Go programming language and that explicitly targeted one of our customers. This was evidenced by the specific email addresses and credentials the ransomware used. Malware written in…
Edfinancial and OSLA student loan account registration info hacked in Nelnet breach; 2.5 million affected
Many student loan borrowers caught a huge break this week with government forgiveness of some student loan debt. But for 2.5 million student loan borrowers, the week also brought news of a breach of their contact information and Social Security numbers. Nelnet Servicing in Nebraska provides technology services to EdFinancial and OSLA, including portals that…