Talia Weiner reports: The Township of Montclair’s insurer negotiated a settlement of $450,000 with the people behind a recent “cyber incident” in order to end the attack, a report says. […] “To guard against future incidents, the township has installed the most sophisticated dual authentication system available to its own system and it is currently…
NHS Staff Reprimanded For WhatsApp Data Sharing
Phil Muncaster reports: An NHS trust has been reprimanded by the UK’s data protection regulator after it was discovered that staff had been sharing patient details on an unapproved app for two years. Some 26 staff at NHS Lanarkshire accessed the WhatsApp group between April 2020 and April 2022, entering sensitive patient data including names,…
NZ privacy commissioner learnt about ‘serious’ breach from the media
Jonathan Killick reports: The Privacy Commissioner is “frustrated” to have learnt about a “serious” privacy breach through the media, relating to the email addresses of 147 firearms owners being spilled. In July, it was reported that the email addresses of licence holders were to sent to each other after a list of addresses was pasted in the…
Coverage Challenges in Ransomware Claims: Cyber Insurance Policies and Trends in Denials
Mark Rasch of Korhman Jackson & Krantz writes: A consistent pattern emerges in data breach and cyber-attack cases when companies turn to their insurers for coverage after such incidents. Whether they possess specialized cyber insurance or not, insurers often decline claims, citing various reasons such as failure to provide timely notice, failure to mitigate costs,…
PHI Database: Portal for Health Informatics – IIIT Delhi shared on Cyber Crime Forum
Seen on CloudSEK: CloudSEK’s contextual AI digital risk platform XVigil has discovered a post on an English speaking cybercrime forum, sharing a database of PHI-IIIT Delhi for Forum credits. A total of 82 Databases were compromised and leaked data. Read more at CloudSEK.
SolarWinds’ $26 Million Deal in Russian-Hack Suit Gets Final Nod
Christopher Brown reports: SolarWinds Corp. will pay $26 million to settle an investor suit alleging it failed to disclose security vulnerabilities before a massive cyberattack, under an agreement given final approval by a federal court. Investors alleged the technology company misled them about its security practices before announcing a suspected Russian hack in late 2020, causing the…