The Office of Inadequate Security
Richard Holmes reports: UK ambulance services have been targeted by Russian hackers, risking disruption to their communication systems, with the potential to severely hamper Britain’s emergency services. Intelligence material seen by i shows that over the past 12 months, a Kremlin-protected hacking network has targeted key suppliers to The UK Ambulance Services and Ministry of Defence (MoD)….
Paul Kunert reports: Two former workers at roadside assistance provider RAC were this week given suspended sentences after illegally copying and selling tens of thousands of lines of personal data on people involved in accidents. Debbie Okparavero, 61, of Salford, and Maliha Islam, 51, of Manchester, had worked as customer services specialists at RAC’s call…
A report by Evan Schuman about recent Marriott settlements with the FTC and state attorneys general suggests that the settlements leave much to be desired. Both settlements have cybersecurity requirements, and the state settlement has a monetary component, but neither is strong enough as far as some experts are concerned. Here’s a snippet or two…
Frank O’Laughlin reports: An investigation is underway after a payroll-related cyberattack led to “unauthorized access” to online payroll accounts and direct deposit information of some state workers, Massachusetts Comptroller William McNamara announced Wednesday night. The Commonwealth is investigating the breach as an apparent “credential harvesting campaign” involving the state’s HR/CMS Employee Self-Service Time and Attendance…
Ryan Marshall reports: A Mount Airy medical office is assuring patients that no data was compromised in a ransomware attack on the office’s computer system discovered last year, part of what federal officials say is a dramatic increase in such incidents in recent years. […] Family Medical Center in Mount Airy reported that it learned…
This is big. From the Council of the EU: The Council adopted today a new law on cybersecurity requirements for products with digital elements with a view to ensuring that products, such as connected home cameras, fridges, TVs, and toys, are safe before they are placed on the market (cyber resilience act). The new regulation…