Ellen Nakashima reports: Russian government hackers engaged in a sweeping series of breaches of government and private-sector networks have been able to penetrate deeper into Microsoft’s systems than previously known, gaining access to potentially valuable source code, the tech giant said Thursday. The firm previously acknowledged that it had inadvertently downloaded a software patch used…
Indiana attorney general says no charges recommended in fetal remains case
One of the most disturbing privacy and data security cases of the decade has come to an end of sorts. Rick Callahan of AP reports the update to a case first reported last year, but caution: this story may be triggering for some people. Indiana’s attorney general recommended no criminal charges or licensing actions Wednesday…
IndiGo Says Some Data May be Compromised in Server Breach
Ragini Saxena reports: IndiGo, India’s biggest airline, said some segments of its data servers were breached in a hacking incident in December, which may compromise some data. “There is a possibility that some internal documents may get uploaded by the hackers on public websites and platforms,” IndiGo said in a statement Thursday. “We realise the…
Wishing You a Happy, Healthy, and Safe New Year
Wishing all our readers a happy, healthy, and safe new year in 2021.
ROMWE’s press release reflects an abundance of …. something, but not caution.
This week, I drafted a commentary mocking ROMWE’s for claiming that they were notifying their consumers about a breach out of “an abundance of caution.” Then I decided to try to be nice, and I trashed it. Yesterday, Marco de Felice wrote a piece about the breach that shows that it was even worse than…
As 2020 draws to a close, it still takes too long to detect and notify patients of most breaches
The press release below the separator includes the kind of timeline that we often see in breach disclosures where an employee’s email account has been hacked. It continues to take many entities too long, in this blogger’s opinion, to detect breaches of their systems, then determine that PHI was involved, and then notify. In this…