Andrei Stoica of DLA Piper writes: Just days after proudly announcing its first fine under the GDPR, the Romanian Data Protection Authority has done it again: World Trade Center Bucharest S.A. must pay 15,000 euro for breaching the provisions of Art. 32 para. (4) GDPR corroborated with Art. 32 paras. (1) and (2) GDPR. What…
Category: Of Note
Ransomware Attacks Create Dilemma For Cities: Pay Up Or Resist?
Wade Goodwyn reports: It’s been a bad summer so far for government information systems. Hackers have used ransomware to attack the data networks of Baltimore, the Georgia courts system and Lake City, Fla., to name a few. And the decision as to whether to pay the extortionists ransom is fraught. Pay them, get the decryption…
Quebec, federal Privacy Commissioners investigate Desjardins breach
From the Office of the Privacy Commissioner of Canada, an announcement concerning the alleged rogue insider breach at a financial institution that impacted the personal information of more than 2.9 million of its members, including 2.7 million individual members and 173,000 business members. On July 8, the Commissioner announced: The Commission d’accès à l’information du…
Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains—and Counting
Brian Barrett reports: You may not recognize the name Magecart, but you’ve seen its impact. A set of sophisticated hacking groups, Magecart has been behind some of the bigger hacks of the past few years, from British Airways to Ticketmaster, all with the singular goal of stealing credit card numbers. Think of them as the…
ICO statement: Intention to fine British Airways £183.39m under GDPR for data breach
In September, 2018, the International Airlines Group (IAG) announced that British Airways was investigating a possible data breach involving its website and mobile application. Soon after, we learned that 380,000 payments had been compromised in a few weeks between August 21, when Magecart malware was injected, and early September. Today, the U.K.’s Information Commissioner’s Office…
Sometimes, paying the ransom doesn’t solve the problems
Paying ransom doesn’t always guarantee that a ransomware victim will be able to recover all of the encrypted data. Some more food for thought in a news story today about ransomware in the New York Times that highlights how small government entities are being targeted recently: The F.B.I. said it had received nearly 1,500 ransomware…