Catalin Cimpanu reports: A newly discovered malware strain is a multi-tasking threat that besides working as ransomware and encrypting users’ files, it can also log and steal their keystrokes, and add infected computers to a spam-sending botnet. This new threat is named Virobot and appears to be under development, and comprised of multiple components that…
Chinese police arrest 21 over data theft at Alibaba’s delivery arm: Xinhua
Meg Shen reports: Chinese police on Friday arrested 21 suspects in connection with the theft of customer information from Alibaba Group Holding’s logistics affiliate Cainiao Network, state news agency Xinhua reported. More than 10 million pieces of client data — including user names, phone numbers and parcel tracking numbers — were stolen from Cainiao, which…
SingHealth data breach reveals several ‘inadequate’ security measures
Eileen Yu reports: Investigation into Singapore’s most severe cybersecurity breach has uncovered several poor security practices, including the use of weak administrative passwords and unpatched workstations. The findings were revealed on the first day of hearings led by the Committee of Inquiry (COI), a team set up to probe a July 2018 security breach that…
UK: Arran Brewery blackmailed by hackers as Scottish beer firm becomes latest victim of sophisticated Ransomware attack
Jonathan Whitelaw reports: A Tiny Scots brewery has been blackmailed by cyber hackers as part of a sophisticated Ransomware attack. Bosses at The Arran Brewery were targeted by the online crooks before bringing in experts to beef up their security. And they say that the attack caused severe disruption to the business and the loss…
Unauthorized Disclosure of Patients’ Protected Health Information During “Boston Med” Filming Results in Multiple HIPAA Settlements Totaling $999,000
Today was not a good day for hospitals in Massachusetts. First, we saw the state’s attorney general announce a settlement between the state and UMass Memorial Healthcare and UMass Memorial Medical Centers involving insider breaches for fraudulent purposes. And now we see this announcement from the federal regulator, OCR: Today, the Department of Health and…
House Financial Services Committee passes R.6743
Aaron Lancaster of BakerHostetler has a great privacy rewind for the week that includes action in Congress. He writes: House Committee Passes Federal Data Breach Notification Bill for Financial Institutions The House Financial Services Committee passed R. 6743, the Consumer Information Notification Requirement Act, which would require financial institutions to notify affected customers of a data…