This is big. From the Council of the EU: The Council adopted today a new law on cybersecurity requirements for products with digital elements with a view to ensuring that products, such as connected home cameras, fridges, TVs, and toys, are safe before they are placed on the market (cyber resilience act). The new regulation…
Disruptive cyberattacks against healthcare on the rise, with increasing impacts to patient care, survey finds
Dave Muoio reports: Reports of recent cyberattacks and disruptions in patient care have ticked up among healthcare organizations since 2023, with the average attack bringing just under $1.5 million in operational disruptions, according to a new survey analysis. Among 648 IT and security practitioners polled this spring, 92% said their organization had faced at least…
National cyber director warns of ransomware, Chinese infrastructure attacks and cyber supply chain concerns
Jonathan Greig reports: One of the top cybersecurity officials in the U.S. said Wednesday that he was especially concerned with Chinese infiltration of the country’s critical infrastructure, as well as software supply chain risks and the continued expansion of ransomware. Although there have been several recent disclosures about Beijing-linked hacking campaigns, National Cyber Director Harry…
Internet History Hacked, Wayback Machine Down—31 Million Passwords Stolen
Davey Winder reports: Hackers have compromised the Internet’s past, the Internet Archive’s Wayback Machine, stealing 31 million passwords and launching a massive Distributed Denial of Service attack in the process. It is unclear if the two security incidents, the compromise of the Internet Archive’s authentication database containing registered member details, including hashed passwords, and the…
National Public Data files for bankruptcy, admits ‘hundreds of millions’ potentially affected
Iain Thomson reports: The Florida business behind data brokerage National Public Data has filed for bankruptcy, admitting “hundreds of millions” of people were potentially affected in one of the largest information leaks of the year. In June, the hacking group USDoD put a 277.1 GB file of data online that contained information on about 2.9 billion…
Privacy and Security of Student Data (Follow-Up of Audit of NY State Education Department)
Issued Date: September 26, 2024 Agency/Authority: State Education Department Full Report (.pdf) Objective To determine the extent of implementation of the three recommendations included in our initial audit report, Privacy and Security of Student Data (Report 2021-S-29). About the Program The State Education Department (SED) is part of the University of the State of New York, one of…