YLE News reports: The perpetrator of a major hacking of the City of Helsinki’s education division’s database could have accessed the personal information of all compulsory school aged children in the capital, as well as their parents or guardians, the city has revealed in a press release. City authorities announced last week that the data breach affected about…
Category: Of Note
FTC Finalizes Order with Blackbaud Related to Allegations the Firm’s Security Failures Led to Data Breach
The Federal Trade Commission has finalized an order against Blackbaud Inc. settling allegations that its lax security practices allowed a hacker to breach the company’s network and access the personal data of millions of consumers including Social Security and bank account numbers. In a complaint first announced in February 2024, the FTC charged that the South Carolina firm,…
HHS launches $50M security initiative to thwart hospital ransomware
Chad Van Alstin reports: The U.S. Department of Health and Human Services (HHS) is launching a $50 million incentive program to encourage hospitals to improve their cybersecurity. Dubbed the Universal Patching and Remediation for Autonomous Defense—or UPGRADE—program, the initiative aims to speed up vulnerability detection and patch deployment through the creation of a platform that…
Swiss law enforcement actions appear linked to seizure of BreachForums
There have been a few developments likely related to the seizure of BreachForums. As a preview, recall that Kantonspolizei Zürich was one of the cooperating entities in the takedown and that the seizure notice had two avatars behind bars. One avatar was Baphomet, the administrator of the forum. The other was a default avatar that…
British Library’s candid ransomware comms driven by ’emotional intelligence’
Connor Jones reports: Emotional intelligence was at the heart of the British Library’s widely hailed response to its October ransomware attack, according to CEO Roly Keating. The British Library’s (BL) ransomware attack last year was one of the most damaging in recent memory, at least in the UK. The transparency of the organization’s response over…
Utah Updates to Breach Notification Requirements Take Effect
Dorothy Parson McDermott of JacksonLewis writes: On May 1, 2024, amendments to Utah’s cybersecurity and data breach notification law took effect. The state’s cybersecurity and data breach notification law requires an organization that conducts business in the State of Utah to prevent the unlawful use or disclosure of personal information collected by the organization. Under…