Rachel Walker and Elouise Casey of Dentons write: Failure to comply with the mandatory breach reporting regime is arguably the canary in the coal mine for regulatory compliance to Australian Securities and Investments Commission (ASIC). We are expecting ASIC’s second annual report on the regime to be published very shortly, and we expect compliance has not…
1Password, Cloudflare affected by Okta compromise
Jonathan Greig reports: Password manager 1Password and cybersecurity and networking giant Cloudflare were targeted by hackers following the breach affecting single sign-on provider Okta, according to statements from both companies. First reported by Ars Technica and later confirmed in a blog post directly from company chief technology officer Pedro Canahuati, 1Password said it detected suspicious activity on its Okta instance that…
No need to hack when it’s leaking, Wednesday edition
Millions of Highly Sensitive Patient Records Exposed in Medical Diagnostic Company Data Breach Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet about a non-password protected database that contained over 12 million records containing medical diagnostic scans, test results, and other potentially sensitive medical records. The database contained a massive amount of medical test results that included…
Indian govt’s insistence that Aadhaar is secure rings hollow in wake of breaches
Joel R. McConvey reports: India is bleeding biometric information, with new data breaches giving credence to a recent report by the credit rating agency Moody’s warning that Aadhaar’s centralized biometric digital ID system has privacy and security vulnerabilities. A piece in Security Affairs reports that earlier this month, the cybersecurity firm Resecurity found hundreds of millions of records containing…
Orange County’s DA’s Office experiences data breach
Jaz Mendez reports: Hackers broke into the Orange County District Attorney’s office’s information technology system last week, the DA’s office announced Monday. The office did not specify whether any information was compromised, but said in a press release that it took “immediate action” to shut down its cybersecurity infrastructure as soon as it learned of…
University of Tokyo PC Infected with Malware in July 2022; Possible Leak of Students’ Addresses, Grades
The Yomiuri Shimbun reports: A computer at the University of Tokyo had been infected with malware, possibly leaking up to 4,341 files containing addresses and grades of students from the academic years of 2003 to 2022, the university said Tuesday. The PC belonged to the Graduate School of Arts and Sciences, the College of Arts…