CBC reports: An Ottawa man convicted on charges related to a ransomware attack affecting hundreds of victims was sentenced to two years behind bars on Friday. Matthew Philbert, 33, was arrested by the Ontario Provincial Police (OPP) in late 2021 following a lengthy investigation that also involved the RCMP, the FBI and Europol. Philbert was accused of co-ordinating…
HHS Releases New Voluntary Performance Goals to Enhance Cybersecurity Across the Health Sector and Gateway for Cybersecurity Resources
January 24 Today, the U.S. Department of Health and Human Services (HHS), through the Administration for Strategic Preparedness and Response (ASPR), is releasing voluntary health care specific cybersecurity performance goals (CPGs) and a new gateway website to help Health Care and Public Health (HPH) sector organizations implement these high-impact cybersecurity practices and ease access to the…
Looking Ahead to the FTC’s Implementation of the Data Breach Notification Rule for Nonbanking Financial Institutions
Alexander Boyd , Colin H. Black of Polsinelli PC write: Beginning on May 13, 2024, nonbanking “financial institutions” must notify the Federal Trade Commission (“FTC”) within 30 days of discovering a data breach involving the nonpublic personal information of at least 500 consumers. These covered organizations can include a wide variety of companies that engage…
Zero-day, supply-chain attacks drove data breach high for 2023
CSO reports: Zero-day exploits, supply chain attacks fuel 72% increase over previous record for incidents of compromise. Another increase is expected for 2024. A new record for data breaches reported to the Identity Theft Resource Center (ITRC) was set in 2023, spurred by zero-day and supply chain attacks, according to the organization’s annual data breach report released Thursday. The report…
23andMe’s data hack went unnoticed for months
23andMe may try to blame the victims for their massive data breach, but how are they going to blame anyone for it taking them five months to detect the breach? Mariella Moon reports: In late 2023, genetic testing company 23andMe admitted that its customer data was leaked online. A company representative told us back then that the bad…
Interview with the Knight Group, the heir of Cyclops
Marco A. De Felice, aka amvinfe, writes: It happens very often nowadays to witness the sudden disappearance of ransomware groups that have been active for only a few months. In the last three years, we have counted at least twenty of them that have “vanished from the radar” of journalists and researchers. Some of these…