A financial penalty of $14,000 was imposed on Nature Society (Singapore) for breaches of the PDPA. First, the organisation failed to put in place reasonable measures to protect personal data on its website database. Second, it did not appoint a data protection officer. Lastly, it did not have written policies and practices necessary to comply…
Category: Of Note
Ransomware gang behind attacks on 50 companies arrested in Ukraine
Catalin Cimpanu reports: Ukrainian authorities have detained five members part of a ransomware gang that carried out attacks against more than 50 companies across Europe and the Americas. The arrests, which took place earlier this week, targeted the group’s leader, a 36-year-old Kyiv resident, his wife, and three acquaintances. Officials said the group hacked into…
OH: Memorial Health System notifies 216,478 patients of malware incident last July
In November, Marietta Area Health Care Inc. dba Memorial Health System notified HHS of a breach. The number affected was submitted as 501 — a number that this site often interprets as just a marker to show that the entity knows there was more than 500 patients to notify, but hasn’t yet figured out exactly…
FCC Chairwoman Rosenworcel Circulates New Data Breach Reporting Requirements
CHAIRWOMAN ROSENWORCEL CIRCULATES NEW DATA BREACH REPORTING REQUIREMENTS Proposal is a Response to Recent Security Breaches in the Telecommunications Industry — WASHINGTON, January 12, 2022—Today Federal Communications Commission Chairwoman Jessica Rosenworcel shared with her colleagues a Notice of Proposed Rulemaking (NPRM) that would begin the process of strengthening the Commission’s rules for notifying customers…
Maryland health workers, lawmakers want answers as problems persist a month after cyberattack
Steve Thompson reports: State health workers still often can’t use computers, access shared drives and get to important data a month after a cyberattack crippled Maryland’s health department, the head of a union representing agency employees said Friday. They’ve received little information about what’s going on and are preparing for the possibility that their systems could remain…
FBI: Hackers use BadUSB to target defense firms with ransomware
Sergiu Gatlan reports: The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminal group targeted the US defense industry with packages containing malicious USB devices to deploy ransomware. The attackers mailed packages containing ‘BadUSB’ or ‘Bad Beetle USB’ devices with the LilyGO logo, commonly…