Paul Kunert reports: Two former workers at roadside assistance provider RAC were this week given suspended sentences after illegally copying and selling tens of thousands of lines of personal data on people involved in accidents. Debbie Okparavero, 61, of Salford, and Maliha Islam, 51, of Manchester, had worked as customer services specialists at RAC’s call…
Do the Marriott cybersecurity settlements send the wrong message to CISOs, CFOs?
A report by Evan Schuman about recent Marriott settlements with the FTC and state attorneys general suggests that the settlements leave much to be desired. Both settlements have cybersecurity requirements, and the state settlement has a monetary component, but neither is strong enough as far as some experts are concerned. Here’s a snippet or two…
Payroll-related cyberattack led to breach of Mass. state workers’ information, comptroller says
Frank O’Laughlin reports: An investigation is underway after a payroll-related cyberattack led to “unauthorized access” to online payroll accounts and direct deposit information of some state workers, Massachusetts Comptroller William McNamara announced Wednesday night. The Commonwealth is investigating the breach as an apparent “credential harvesting campaign” involving the state’s HR/CMS Employee Self-Service Time and Attendance…
Mount Airy medical office says it was hit by ransomware attack
Ryan Marshall reports: A Mount Airy medical office is assuring patients that no data was compromised in a ransomware attack on the office’s computer system discovered last year, part of what federal officials say is a dramatic increase in such incidents in recent years. […] Family Medical Center in Mount Airy reported that it learned…
Cyber resilience act: Council adopts new law on security requirements for digital products
This is big. From the Council of the EU: The Council adopted today a new law on cybersecurity requirements for products with digital elements with a view to ensuring that products, such as connected home cameras, fridges, TVs, and toys, are safe before they are placed on the market (cyber resilience act). The new regulation…
Disruptive cyberattacks against healthcare on the rise, with increasing impacts to patient care, survey finds
Dave Muoio reports: Reports of recent cyberattacks and disruptions in patient care have ticked up among healthcare organizations since 2023, with the average attack bringing just under $1.5 million in operational disruptions, according to a new survey analysis. Among 648 IT and security practitioners polled this spring, 92% said their organization had faced at least…