I have no doubt that numerous sites will start generating “lessons learned” or “five takeaways” from the Blackbaud breach — if they haven’t done so already. And perhaps one of the consequences of this mega-breach needs to be a discussion of whether some entities are unnecessarily giving their fundraising arms or business associates too much…
Maze attackers adopt Ragnar Locker virtual machine technique
Andrew Brandt and Peter Mackenzie of Sophos report: While conducting an investigation into an attack in July in which the attackers repeatedly attempted to infect computers with Maze ransomware, analysts with Sophos’ Managed Threat Response (MTR) discovered that the attackers had adopted a technique pioneered by the threat actors behind Ragnar Locker earlier this year,…
Cyber security breach at National Informatics Centre, malware attack traced to Bengaluru
ET reports: Breaching cyber security a malware attack on 100 computers of the National Informatics Centre (NIC) was reported on Friday. The government’s nodal agency NIC is responsible for securing critical cyber-infrastructure in the country and comes under the Ministry of Electronics and Information Technology (MeitY). Read more on ET.
Ca: Regina clinic failed to notify patients of privacy breach, says commissioner
Mark Melnychuk reports: An investigation by Saskatchewan’s privacy commissioner found that a Regina medical clinic did not notify patients when a doctor’s dictation machine containing personal health information went missing a year ago. According to the report filed on Sept. 15, Saskatchewan Information and Privacy Commissioner Ronald J. Kruzeniski wrote that his office was notified…
Anglicare Sydney being held to ransom over sensitive data stolen from computer system
Ursala Malone reports: Anglicare Sydney has confirmed that it is being held to ransom over a large amount of potentially sensitive information that has been stolen from its computer system. The not-for-profit organisation holds records on adoption and foster care as well as counselling and mental health services. Read more on ABC (AU). The organization…
PA: Geisinger Berwick notifying hundreds of patients after firing employee for improper access to records
Geisinger Berwick is notifying more than 700 patients whose patients’ records were accessed without justification by a now-former employee. As first reported by Times Leader, the improper access began in June 2019 and would likely still be continuing were it not for an employee that reported their concern about the employee’s actions to the clinic…