Ax Sharma reports: … Last month, BleepingComputer exclusively reported that multiple Indian government websites were leaking COVID-19 patient test reports. This week, security researcher Sourajeet Majumder has shared with BleepingComputer his discovery of another government website exposing millions of COVID-19 test results. Read more on BleepingComputer.
Category: Of Note
“Without Undue Delay,” Friday edition
The Jacobson Memorial Hospital & Care Center had a breach last year that they are first disclosing this week. Here’s the chronology, based on a statement from their external counsel: July 28, 2020 — One employee’s email account is compromised and used to send out spam. August 5, 2020 — Hospital manages to kick bad…
TikTok Will Pay $92M to Settle Lawsuit Over Personal Data ‘Theft’
Stephanie Milot reports: TikTok has agreed to pay $92 million to settle a class-action lawsuit alleging the social network collected users’ biometric information and personal data without consent and shared it with third parties. The proposed settlement applies to 89 million TikTok members in the US whose personal data was allegedly tracked and sold to advertisers in…
French Regulator Lambasts Health Firms Over Mass Data Leak
Helene Fouquet reports: France’s privacy watchdog said it’s investigating the leak of sensitive health data on half a million people and said the companies involved could face heavy penalties if they don’t come forward with details of the breaches. The leaks were of “particularly significant magnitude and severity,” the CNIL said in a statement. Hackers may have…
Lazarus targets defense industry with ThreatNeedle
Vyacheslav Kopeytsev and Seongsu Park write: We named Lazarus the most active group of 2020. We’ve observed numerous activities by this notorious APT group targeting various industries. The group has changed target depending on the primary objective. Google TAG has recently published a post about a campaign by Lazarus targeting security researchers. After taking a closer look,…
Insider Cloud Data Theft Plagues Healthcare Sector
Phil Muncaster reports: Over a third (35%) of global healthcare organizations suffered cloud data theft by malicious insiders last year, according to data from Netwrix. The findings come from the security vendor’s 2021 Netwrix Cloud Data Security Report, based on interviews with 937 IT professionals around the world. It claimed that while insider theft was less…