Wilfred Chan reports: Providers of critical infrastructure in the United States are doing a sloppy job of defending against cyber intrusions, the National Security Council tells Fast Company, pointing to recent Iran-linked attacks on U.S. water utilities that exploited basic security lapses. The security council tells Fast Company it’s also aware of recent intrusions by hackers linked to China’s…
Category: Of Note
Kazakhstan to extradite Russian cyber expert to Moscow despite US requests
Daryna Antoniuk reports: Kazakhstan will reportedly extradite a prominent Russian cybersecurity expert to Moscow after refusing to send him to the U.S. Nikita Kislitsin, who was detained in Kazakhstan earlier in June at the request of the U.S., will face hacking and extortion charges in his home country, according to Moscow’s Prosecutor General’s Office. There was no official confirmation…
Health data breaches hit an all-time high in 2023
Katie Palmer reports: Odds are, you’ve gotten at least one of the unnerving letters in your mailbox this year: “We’re writing to inform you of a cybersecurity incident,” it might start. It’s the standard notice many health care organizations are required to provide when your protected health information gets exposed — and in 2023, data…
Online platform Carousell violated Hong Kong privacy laws, watchdog finds, after data of over 320,000 locals leaked
Harvey Kong reports: Popular online marketplace Carousell violated Hong Kong’s privacy laws, a watchdog said on Thursday, following the discovery of the personal data of more than 320,000 local users available for sale on the dark web. The Office of the Privacy Commissioner for Personal Data announced the findings from its investigation into the leak,…
Court of Justice of the European Union Rules That Fear May Constitute Damage Under the GDPR
Hunton Andrews Kurth writes: On December 14, 2023, the Court of Justice of the European Union (“CJEU”) issued its judgment in the case of VB v. Natsionalna agentsia za prihodite (C‑340/21), in which it clarified, among other things, the concept of non-material damage under Article 82 of the EU General Data Protection Regulation (“GDPR”) and the rules…
USD 300 million seized and 3,500 suspects arrested in international financial crime operation
From Interpol: LYON, FRANCE – A transcontinental police operation against online financial crime has concluded with almost 3,500 arrests and seizures of USD 300 million (approx. EUR 273 million) worth of assets across 34 countries. The six-month Operation HAECHI IV (July-December 2023) targeted seven types of cyber-enabled scams: voice phishing, romance scams, online sextortion, investment…