The Irish Data Protection Commission has issued guidance on data breach notification under GDPR. Attorneys at Fox Rothschild have prepared a summary that begins: Key takeaways: A personal data breach is a security incident that negatively impacts the confidentiality, integrity, or availability of personal data, with the consequence that the controller is unable to ensure…
Category: Of Note
Senator Demands Review of How DHS Shares PII With Contractors
Akshaya Asokan reports: Sen. Maggie Hasan, D-N.H. is demanding that the U.S. Government Accountability Office review how the Department of Homeland Security shares personal data with third parties following several recent security incidents in which such information was exposed. In an Oct. 23 letter to the GAO, Hassan writes that recent “troubling” security incidents connected to…
Open wide and say, “Ugh, My Data!!!!!”
This is the story of how mapping and analysis of an open elastic search led to the discovery of a misconfigured Amazon s3 bucket that exposed data from hundreds of thousands of dental patients. If you live in Brazil, you may already be experiencing breach fatigue from having had so much of your personal and…
Does improved infosec lead to delayed care and more fatal heart attacks in hospitals?
Nsikan Akpan has a report on PBS that is worth reading, especially now that I’ve gotten rid of their headline that I really really really didn’t think was accurate. Apkan starts by reminding us all how a ransomware attack on a hospital could have life-threatening consequences. But the main point of his piece is to…
A DDoS gang is extorting businesses posing as Russian government hackers
File this one under “Ooh, that’s clever!” Catalin Cimpanu reports. For the past week, a group of criminals has been launching DDoS attacks against companies in the financial sector and demanding ransom payments while posing as “Fancy Bear,” the infamous hacking group associated with the Russian government, known for hacking the White House in 2014…
White House kicks infosec team to curb in IT office shakeup
Sean Gallagher reports: An internal White House memo published today by Axios reveals that recent changes to the information operations and security organizations there have left the security team in tumult, with many members headed for the door. And the chief of the White House’s computer network defense branch—who wrote the memo after submitting his…