Skye Witley reports: New York regulators assigned heightened cybersecurity requirements to banks, insurers, and financial services providers based in the state with the release of finalized rule amendments Wednesday. Covered entities will have to use multifactor authentication, expand cybersecurity governance duties, and conduct consistent threat testing under the regulation updated by the New York Department of Financial…
Okta hit by third-party data breach exposing employee information
Bill Toulas reports: Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. Okta is a San Fransisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide….
Wawa Data Breach Settlement’s $3 Million Lawyers Fee Rejected
Jennifer Kay reports: A federal appeals court has vacated over $3 million in attorneys’ fees awarded as part of a $12.2 million data breach settlement against Wawa Inc. The fee award issue now is remanded to the district court “to take a closer look at the reasonableness of the attorney’s fees in proportion to class…
SG: Healthcare institutions website outage did not disrupt critical service but it does shake confidence
Carmen Sin reports from Singapore: The websites of major public hospitals, polyclinics and healthcare clusters in Singapore could not be accessed for more than seven hours on Wednesday after they crashed at about 9.20am. Access was restored at about 4.30pm but, until then, users were unable to access the websites of Singapore General Hospital, Tan…
Town of Iowa in Louisiana victim of ransomware attack: ALPHV publishes a portion of the exfiltrated documents
Marco A. De Felice reports: The ransomware group ALPHV (BlackCat) has published a first part of exfiltrated data from the Town of Iowa in the state of Louisiana. Approximately 250 scanned documents in PDF format have been released, some of which contain visible Social Security numbers (SSNs) of employees, employee salaries, balance sheets, birthdates, addresses,…
Exclusive: Daixin Team claims responsibility for attacks affecting Canadian hospitals, starts leaking data
Daixin Team is now claiming responsibility for — and leaking data from — an attack that has significantly impacted five Canadian hospitals in Ontario. TransForm Shared Service Organization provides IT, supply chain, and accounts payable services to Bluewater Health, Windsor Regional Hospital, Hotel Dieu Grace, Erie Shores Healthcare, Hospice of Windsor-Essex, and the Chatham-Kent…