One year ago, Canadian businesses became subject to increased data breach notification requirements under PIPEDA (the Personal Information Protection and Electronic Documents Act). Rather than deciding whether to voluntarily disclose or report breaches, they were now required to report all breaches that pose a significant risk of harm to individuals to the Office of the…
Category: Of Note
Desjardins data breach much larger than first estimated, affecting ALL 4.2 million members
Frédéric Tomesco reports: All of Mouvement Desjardins’ individual members, 4.2 million people, have had their personal information compromised as a result of the actions of a single employee, who has since been fired, chief executive officer Guy Cormier said Friday. That’s about 56 per cent more than the total that Desjardins first disclosed June 20. With Sûreté du…
It’s “completely ridiculous” that pentesters are still facing criminal charges in Iowa for doing what they were hired to do.
If Iowa doesn’t get its act together, businesses and government will have trouble getting security firms to analyze and test their security. Even after law enforcement was told that Justin Wynn and Gary DeMercurio were Coalfire employees just doing what Coalfire had been hired to do by the judicial branch, the men are still facing…
Hack of Chilean national police exposes more than 10,000 files, including intelligence
I’m going to have to use a Google translation for this one as my Spanish is rusty, but Nicolás Sepúlveda reports on ciperchile.cl about repeated hacks of the Carabineros de Chile, the Chilean national police. The hacks are part of the ongoing political unrest and activism in the country. Sepúlveda reports that CIPER has reviewed…
2 Plead Guilty in 2016 Uber and Lynda.com Hacks
Mike Isaac reports: Two men pleaded guilty in federal court in San Jose, Calif., to charges of computer hacking and an extortion conspiracy on Wednesday, capping a thorny legal saga that ensnared tech companies like Uber and LinkedIn in data breach scandals. The resolution of the case comes as Americans grapple with theft and misuse…
Confirmed: North Korean malware found on Indian nuclear plant’s network
Catalin CImpanu reports: The network of one of India’s nuclear power plants was infected with malware created by North Korea’s state-sponsored hackers, the Nuclear Power Corporation of India Ltd (NPCIL) confirmed today. News that the Kudankulam Nuclear Power Plant (KNPP) might have been infected with a dangerous strain of malware first surfaced on Twitter on…