What does it say when a HIPAA lawyer with years of experience says he didn’t know the FTC has a health breach notification rule? Seen on Jeff Drummond’s blog: ” The U.S. Federal Trade Commission issued a policy statement this week confirming that connected devices and health apps that use or collect consumers’ health information must notify users…
Category: Of Note
U.S. to Target Crypto Ransomware Payments With Sanctions
Well, this is not exactly what I suggested yesterday on Twitter as a strategy (I suggested that every ransomware group that hits the medical sector should be declared a terrorist organization and put on the Treasury’s sanctioned list), but it could help. Ian Talley and Dustin Volz report: The Biden administration is preparing an array…
Credential leak fears raised following security breach at Travis CI
John Leyden reports: Concern is growing within the infosec community that a breach at DevOps platform vendor Travis CI might run deeper than the firm has so far been prepared to admit. Travis CI, a continuous integration and continuous delivery (CI/CD) service for cloud platform projects, admitted to an issue in a post on its community forums while also…
Anonymous leaks gigabytes of data from alt-right web host Epik
Ax Sharma reports: Hacktivist collective Anonymous claims to have obtained gigabytes of data from Epik, which provides domain name, hosting, and DNS services for a variety of clients. These include the Texas GOP, Gab, Parler, and 8chan, among other right-wing sites. The stolen data has been released as a torrent. The hacktivist collective says that…
Free REvil ransomware master decrypter released for past victims
Lawrence Abrams reports: A free master decryptor for the REvil ransomware operation has been released, allowing all victims encrypted before the gang disappeared to recover their files for free. The REvil master decryptor was created by cybersecurity firm Bitdefender in collaboration with a trusted law enforcement partner. While Bitdefender could not share details about how they…
Office of the Privacy Commissioner for Bermuda Issues Data Breach Guide
Odia Kagan of Fox Rothschild writes: The Office of the Privacy Commissioner for Bermuda has issued a helpful guide on the various types of harm that could be caused by a data breach. The office also referred to the Future of Privacy Forum research on potential harms. Read more here, In their guidance, the Bermuda privacy…