As most people know by now, there are a LOT of victims from Clop’s attack on Progress MoveIT. So many, in fact, that they posted an announcement to all victims, giving the victims until June 14 to contact Clop to negotiate payment to delete data. The Boots pharmacy chain in the U.K. was affected, but…
Category: Of Note
The 2023 Verizon DBIR is out — get your copy now
Verizon’s top-notch annual Data Breach Investigations Report (DBIR) is out. You can jump to the Executive Summary of the report, download the entire report, or view it online. Here is its seven key insights infographic, below. Of the seven key insights, the figure that stands out the most to me is 74%: 74% of all…
Update on GLBA Safeguards Rule in Higher Education
Benjamin Wanger and Pierce T. Cox of BakerHostetler write: On February 9, 2023, the Department of Education Office of Federal Student Aid (“FSA”) issued an electronic notice regarding the Federal Trade Commission’s Final Rule amending the Standards for Safeguarding Customer Information (“Safeguards Rule”) under the Gramm-Leach-Bliley Act (“GLBA”). The amendments to the Safeguards Rule, which go into…
Hong Kong privacy watchdog warns data management firm over possible exposure of credit histories of 180,000 people
Sammy Heung reports: Hong Kong’s privacy watchdog has threatened to take legal action against a data management firm for failing to protect the credit histories of about 180,000 people from unauthorised access. The Office of the Privacy Commissioner for Personal Data on Thursday said it received a complaint in December 2021 from an individual who…
Developing: RaidForums users db leaked
In what is likely making some people a bit nervous, the users database for RaidForums has been leaked on a forum. The database appears to date to September 2020. It contains entries for the site owner, Omnipotent, as well as moderators, and well-known users. DataBreaches spot-checked the database and found individuals with their known…
New York county still dealing with ransomware eight months after attack
Brandon Vigliaro reports: The fallout from an eight-month-old cyber attack on a county in Long Island, New York has devolved into mud-slinging as leaders try to figure out just what is going on. Suffolk County was hit with a ransomware attack in early September 2022, which led county executive Steve Bellone to issue nine separate emergency…