Mark Young, Shona O’Donovan and Paul Maynard of Covington & Burling writes about the recent news-making fine the DPC issued to Twitter. They write, in part: Process aside, the DPC’s decision contains some interesting points on when a controller is deemed to be “aware” of a personal data breach for the purpose of notifying a…
Microsoft identifies second hacking group affecting SolarWinds software
Sean Lyngaas reports: Microsoft revealed that a second hacking group had deployed malicious code that affects software made by SolarWinds, the federal contractor at the center of a suspected Russian espionage campaign against multiple U.S. government agencies. “[T]he investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects…
Securing Picture Archiving and Communication System (PACS) Cybersecurity for the Healthcare Sector:
NIST SP 1800-24 OCR is sharing the National Cybersecurity Center of Excellence’s (NCCoE) at the National Institute for Standards and Technology (NIST) SP 1800-24, Securing Picture Archiving and Communication System (PACS): Cybersecurity for the Healthcare Sector. This practice guide can help HIPAA covered entities and their business associates implement current cybersecurity standards and best practices to…
Breach alerts dismissed as junk? New guide for sending vital emails may help
An article by Bradley Barth raises a number of good points for entities to consider — BEFORE they ever need to send breach notification emails. And not only does the article describe considerations for entities/senders, but the article also provides some tips for recipients of notification emails: …the Messaging, Malware and Mobile Anti-Abuse Working Group…
WA: City of Ellensburg is the victim of a ransomware cyberattack
Dylan Carter reports that the city confirms it is the victim of a ransomware attack. The type of ransomware has not been named publicly, nor the amount of any ransom demand. The majority of the City of Ellensburg’s network drives and data cannot be accessed. With that being the case, all city departments are being…
Huntsville City School warns parents that personal info may have been stolen in ransomware attack
On December 1, Huntsville City Schools shut down classes for the day due to a ransomware threat. Now, after three weeks of investigating the situation, the district is warning parents about personal information being compromised in the attack. Megan Reyna of WAAY31 reports: School leaders say it is possible social security numbers and email addresses…