PTI reports: A laptop containing confidential information was allegedly stolen from the offices of a private hospital’s blood bank, police here said on Tuesday. According to a complaint filed by Dr Sangeeta Agarwal, head of blood bank at the Fortis Memorial Research Institute, the laptop was stolen from her office on August 5. Read more…
Ie: Data protection breach at military medical facility
Neil Michael reports: A Defence Forces investigation is under way into another data protection breach of the military’s electronic health record system. The latest investigation centres on the alleged actions of a healthcare worker at a military medical facility. The Defence Forces has said it is the third alleged breach in relation to the electronic military medical…
Lapsus$: court finds teenagers carried out hacking spree
Joe Tidy reports: A court has found an 18-year-old from Oxford was a part of an international cyber-crime gang responsible for a hacking spree against major tech firms Arion Kurtaj was a key member of the Lapsus$ group which hacked the likes of Uber, Nvidia and Rockstar Games. A court heard Kurtaj leaked clips of…
Ransomware Attack on CloudNordic paralyzes company and customers
The following is a machine translation of a report by Jens E. Hummelmose: On Friday, August 18, 2023, CloudNordic, a leading provider of cloud services, fell victim to a serious ransomware attack. The hackers took control of all systems, resulting in extensive downtime and data loss for both the company and their customers. The attack…
Fi: Helsinki and Uusimaa Hospital District confirms data breach by ex-staff member, 900 patients’ data compromised
YLE News reports: The Helsinki and Uusimaa Hospital District (HUS) has discovered that a former employee, who served as a practical nurse within the district, breached the privacy of nearly 1,000 patients. The case was confirmed by HUS Administrative Chief Medical Officer (AVMO) Teppo Heikkilä, who said the nurse gained access to the files through the…
SEC Cybersecurity Rule Leans on Materiality and Reasonableness
Rachel V. Rose, Ted Dziekanowski, and Andy Watkin-Child report: The US Securities and Exchange Commission released its final rule, effective Sept. 5, 2023, on cybersecurity risk management, strategy, governance, and incident disclosure. Investors, registrants, and other market participants should take special notice of two key terms in the regulations: “materiality” and the “reasonable investor.” The SEC…