Summary Note: This Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and various ransomware threat actors. These #StopRansomware advisories detail historically and recently observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. Visit stopransomware.gov to…
Hackers breach Reddit to steal source code and internal data
Lawrence Abrams reports: Reddit suffered a cyberattack Sunday evening, allowing hackers to access internal business systems and steal internal documents and source code. The company says the hackers used a phishing lure targeting Reddit employees with a landing page impersonating its intranet site. This site attempted to steal employees’ credentials and two-factor authentication tokens. After…
Updates to the Gramm-Leach-Bliley Act Cybersecurity Requirements
POSTED DATE: February 09, 2023 AUTHOR: Federal Student Aid ELECTRONIC ANNOUNCEMENT ID: GENERAL-23-09 SUBJECT: Updates to the Gramm-Leach-Bliley Act Cybersecurity Requirements On December 9, 2021, the Federal Trade Commission (FTC) issued final regulations (Final Rule) to amend the Standards for Safeguarding Customer Information (Safeguards Rule), an important component of the Gramm-Leach-Bliley Act’s (GLBA) requirements for protecting the…
Patients involved in Nova Scotia mass shooting among those caught up in major privacy breach
Bill Dicks reports: Nova Scotia Health is under the microscope after eight employees were found snooping into medical records. The privacy breaches involve the electronic health records of people associated with the April 2020 mass shooting in Nova Scotia, among others. The Office of the Information and Privacy Commissioner says the discoveries were made by…
iRent fined for data leak
CNA reports: Taiwanese car rental and automobile/motorcycle-sharing services platform iRent received separate fines from the Ministry of Transportation and Communications (MOTC) and Taipei City government on Thursday for data protection failings. The popular platform is operated by Ho Ing Mobility Service, a subsidiary of Taiwanese automotive conglomerate Hotai Motor Co. The company received the fines…
Health cards’ data stolen from one of Pakistan’s biggest hospitals
Haroon Hayder reports: The Pakistan Institute of Medical Sciences (PIMS) in Islamabad has confirmed that the data regarding the Sehat Sahulat Program (health cards) was stolen from the hospital last year. According to reports, the health cards’ data was stolen from the hospital’s Accounts Section. PIMS’ sources have claimed that they have no record of…