Jenina P. Ibañez reports: Victims of personal data breaches may request cease-and-desist orders from the National Privacy Commission (NPC) if the breach violates their privacy rights and causes “irreparable injury.” The NPC, in circular no. 20-02 signed on Oct. 6, said that it may issue such orders in the event of violations or threats to…
Category: Of Note
An Interview with “UNKN” Sheds Light on REvil’s Operations & Future Victims
Yelisey Boguslavskiy writes: On October 23, 2020, a Russian-speaking tech blog YouTube channel “Russian OSINT” published an interview with one of the representatives of the REvil ransomware syndicate – “UNKN”/”Unknown”. A twenty-minute interview covers important subjects such as victims, tactics, and strategies employed by REvil. While some of the information shared by UNKN has already…
Update: Has Guilford Technical Community College notified more than 43,000 students of data breach?
On September 19, DataBreaches.net reported that Guilford Technical Community College (GTCC) in North Carolina had apparently become a ransomware victim of DoppelPaymer on September 13. But on October 6, GTCC was no longer listed on the threat actors’ dedicated leak site. The removal of a victim’s name often indicates that the victim had a change…
A nightmare breach involving psychotherapy records just got worse
There’s an update to previous post about a ransom situation in Finland impacting 40,000 psychotherapy patients at Vastaamo. As initially reported by Vastaamo, a psychotherapy practice with multiple offices and locations, they had been hacked and the hacker had acquired records of patients who had registered before the end of November 2018. Other sources reported…
Hackers behind life-threatening attack on chemical maker are sanctioned
Dan Goodin reports: Russian state nationals accused of wielding life-threatening malware specifically designed to tamper with critical safety mechanisms at a petrochemical plant are now under sanction by the US Treasury Department. The attack drew considerable concern because it’s the first known time hackers have used malware designed to cause death or injury, a prospect that…
Names, Private Information Of Child Sex Crime Victims Were Illegally Made Public In Cook County Court Records
Samah Assad, Christopher Hacker, and Brad Edwards report: Cook County officials left the personal information of child sex crime victims in public court records, violating a state law that requires those details be kept hidden. The person charged with protecting those victims’ privacy in the records, Circuit Court Clerk Dorothy Brown, refused to restrict access to them for more than a month after being told about…