Rorisang Kgosana reports: The department of justice & constitutional development contravened the Protection of Personal Information (POPI) Act, resulting in the loss of more than 1,200 files. The Information Regulator issued an enforcement notice to the department this week for a September 2021 security breach on its IT systems. […] The security breach was caused…
Category: Of Note
North Korea behind SNUH hacking in 2021: police
Lee Han-Soo reports: The personal information leak at Seoul National University Hospital (SNUH) two years ago was found to be the work of North Korean hackers. The National Police Agency’s National Office of Investigation has confirmed that a cyber attack orchestrated by North Korean hackers infiltrated the internal network of SNUH through seven domestic and…
Justice Department Announces Court-Authorized Disruption of Snake Malware Network Controlled by Russia’s Federal Security Service
Through Operation MEDUSA, the FBI, and the U.S. Attorney’s Office for the Eastern District of New York Neutralized the FSB’s Premier Cyberespionage Malware Implant in Coordination with Multiple Foreign Governments The Justice Department today announced the completion of a court-authorized operation, code-named MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware,…
Cyberattacks a Problem for Nearby Emergency Departments, Too
Michael DePeau-Wilson writes: A ransomware attack at one healthcare system had a significant impact on two neighboring emergency departments (EDs) that weren’t targeted in the attack, researchers found. Daily mean ED volume rose 15.1% at the two facilities, from 218.4 in the pre-attack period to 251.4 in the attack period (P<0.001), Christian Dameff, MD, MS, of…
Big Game Hunting is back despite decreasing Ransom Payment Amounts
Coveware’s Q1 report for 2023: Midway through Q1 the winds of progress shifted, and we observed a material increase in attacks on large enterprises that achieved levels of impact that we had not observed since before the Colonial Pipeline attack in May 2021. In 2019 and 2020 it was fairly common to see large enterprises…
New York AG Releases Guide for Businesses on Effective Data Security
Damon W. Silver of JacksonLewis writes: As noted in a prior post, New York’s Attorney General (“NYAG”) has made enforcement of the New York SHIELD Act an enforcement priority. The SHIELD Act requires organizations handling personal information related to New York residents to maintain reasonable safeguards to protect that information. Maintaining its focus on this area, the NYAG…