J.P. Isbell reports: The students who go to Traverse City Area Public Schools (TCAPS) will have an extra day (or two) to celebrate spring break – but not for a good reason. And it’s no joke, even though it’s April Fools’ Day soon. Phone calls and emails went out on Saturday evening regarding what TCAPS…
CISA Alert: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094
CISA Alert of March 29, 2024: CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may allow unauthorized access to affected systems….
CISA Issues Notice of Proposed Rulemaking for Critical Infrastructure Cybersecurity Incident Reporting
Ashden Fein, Micaela McMurrough, Caleb Skeath, Robert Huffman, John Webster Leslie, and Shayan Karbassi of Covington and Burling write: On March 27, 2024, the U.S. Cybersecurity and Infrastructure Security Agency’s (“CISA”) Notice of Proposed Rulemaking (“Proposed Rule”) related to the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (“CIRCIA”) was released on the Federal Register website. …
Personal data of 2.7 million Pakistanis ‘stolen’ from government records; some NADRA staffers and officials suspended
EFE reports: An investigation has revealed that personal information of more than 2.7 million Pakistanis has been “stolen” from the records of a government-run body that regulates the database of citizens. A government official said on Wednesday that a team was formed to probe the data leak from the National Database and Registration Authority (Nadra)…
Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data
AJ Taylor reports: Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United Network for Organ Sharing (UNOS) accountable after a data breach allowed UNOS system users unauthorized access to over a million sensitive patient records. This technology breakdown is the latest in a string of failures at UNOS, which for 40 years…
Too Speculative’: US Judge Throws Out Data Breach Suit Against Ally Financial
Jane Wester reports: U.S. District Judge Nelson Román of the Southern District of New York on Monday dismissed a proposed class action lawsuit against Ally Financial, finding that the plaintiff failed to establish the injury suffered by a data breach incident. Named plaintiff David De Medicis sued the bank in 2021, arguing that the security…