Joe Uchill has a good interview with Craig Hoffman of BakerHostetler about their recent report that includes their extensive incident response experiences handling ransomware incidents. BakerHostetler has always been one of my most trusted resources on breach responses, as they are quite blunt about their advice — even when it may be what government or…
NSW readies its own data breach notification scheme for state agencies
Asha Barbaschow reports: The New South Wales government is preparing a new Bill that will require public sector and state-owned entities to report a data breach to the Privacy Commissioner as well as any affected individuals. The Privacy and Personal Information Protection Amendment Bill 2021 aims to strengthen privacy protection in NSW and extends the federal breach…
Ca: Brreach possibly affects 100s of Yukon gov’t workers: Department of Finance.
Julien Gignac reports: Roughly 400 Yukon government employees may have been affected by a recent privacy breach, according to a spokesperson at the Department of Finance. […] According to a government-issued notice obtained by CBC, a problem occurred during the processing of T4 and T4A slips that may have caused information such as Social Insurance…
Ro: Cluj County Council’s website was hacked by hackers. They are asking for $100 in bitcoins
Digi24 reports that the Cluj County Council was hacked and the threat actors demand $100 USD in BTC if the council doesn’t want the files dumped. The following is a translation of the defacement: All files have been encrypted and a backup copy of the site has been saved. If you do not want the…
WA: SEIU 775 Benefits Group notifying 140,000 about hack
On April 4, SEIU 775 Benefits Group in Washington experienced abnormal activity in their system and started investigating. Their investigation revealed that an unauthorized individual had gained access to their systems and had deleted some files with personal and protected health information in the process. There was no evidence, however, that the unauthorized individual had…
Nexelis Group responds to malware attack on systems formerly owned by Pacific Biomarker
Here’s another breach that has not been in the headlines (or at least, not yet). On November 8, 2020, Nexelis Group discovered that their system had been encrypted by malware. According to the notification letter sent to patients in April, the information was contained on the server of a company that Nexelis recently acquired, Pacific Biomarkers….