Hunton Andrews Kurth writes: On January 16, 2023, the Directive on measures for a high common level of cybersecurity across the Union (the “NIS2 Directive”) and the Directive on the resilience of critical entities (“CER Directive”) entered into force. The NIS2 Directive repeals the current NIS Directive and creates a more extensive and harmonized set of rules on cybersecurity…
Mailchimp says it was hacked — again
Zack Whittaker reports: Email marketing and newsletter giant Mailchimp says it was hacked and that dozens of customers’ data was exposed. It’s the second time the company was hacked in the past six months. Worse, this breach appears to be almost identical to a previous incident. The Intuit-owned company said in an unattributed blog post that its security team detected an intruder…
Russia-linked drug marketplace Solaris hacked by its rival
Over in the no-honor-among-thieves department, Daryna Antoniuk reports: Solaris, one of the leading darknet drug marketplaces, has been taken over by its rival, according to research released this week. Users who tried to access Solaris after January 13 were redirected to the recently-launched Russian language drug marketplace known as Kraken, which claimed to have successfully taken over…
Ph: Comelec, Smartmatic cleared of data privacy violations in 2022 polls
Hana Bordey reports: The National Privacy Commission (NPC) has cleared the Commission on Elections and the Smartmatic Group of Companies of alleged violation of the Data Privacy Act (DPA) over the supposed breach of election data during the 2022 national and local polls. This was announced by Comelec spokesperson Rex Laudiangco in a press statement…
MN: Mayo Clinic settles another lawsuit stemming from insider-wrongdoing
Andy Brownell reports: The Mayo Clinic has apparently settled another lawsuit stemming from a data breach by a former Mayo Clinic employee. The lawsuit was filed in November 2020 by Olga Ryabchuk and sought class-action status on behalf of the more than 1600 Mayo Clinic patients who had their medical records improperly accessed. The case was officially…
HHS issues two warnings: one about Royal & BlackCat Ransomware, and one about AI’s potential use in malware
HHS issued two reports or advisories this past week. The first was a 67-page report on Royal & BlackCat Ransomware and the threat that they pose to the healthcare sector. The second publication was an HC3 Analyst Note, Artificial Intelligence and Its Current Potential to Aid in Malware Development. Related to this issue, see Russian…