From the Office of the Privacy Commissioner of Canada, an announcement concerning the alleged rogue insider breach at a financial institution that impacted the personal information of more than 2.9 million of its members, including 2.7 million individual members and 173,000 business members. On July 8, the Commissioner announced: The Commission d’accès à l’information du…
Category: Of Note
Hack Brief: A Card-Skimming Hacker Group Hit 17K Domains—and Counting
Brian Barrett reports: You may not recognize the name Magecart, but you’ve seen its impact. A set of sophisticated hacking groups, Magecart has been behind some of the bigger hacks of the past few years, from British Airways to Ticketmaster, all with the singular goal of stealing credit card numbers. Think of them as the…
ICO statement: Intention to fine British Airways £183.39m under GDPR for data breach
In September, 2018, the International Airlines Group (IAG) announced that British Airways was investigating a possible data breach involving its website and mobile application. Soon after, we learned that 380,000 payments had been compromised in a few weeks between August 21, when Magecart malware was injected, and early September. Today, the U.K.’s Information Commissioner’s Office…
Sometimes, paying the ransom doesn’t solve the problems
Paying ransom doesn’t always guarantee that a ransomware victim will be able to recover all of the encrypted data. Some more food for thought in a news story today about ransomware in the New York Times that highlights how small government entities are being targeted recently: The F.B.I. said it had received nearly 1,500 ransomware…
Mystery of NSA Leak Lingers as Stolen Document Case Winds Up
Tami Abdollah and Eric Tucker of AP report on what is arguably the most significant insider breach in our government of this century: Federal agents descended on the suburban Maryland house with the flash and bang of a stun grenade, blocked off the street and spent hours questioning the homeowner about a theft of government…
Urgent Cyber Warning For Hospitals Over Threat Of ‘WannaCry Repeat’: Report
Zak Doffman reports: In the two years since the devastating WannaCry cyberattack hit worldwide, institutions have not done enough to protect themselves against a repeat. And that’s especially true in the healthcare sector. A report this week by Imperial College London’s Institute of Global Health Innovation (IGHI) warns that hospitals “remain vulnerable to cyber attack,…