Hana Bordey reports: The National Privacy Commission (NPC) has cleared the Commission on Elections and the Smartmatic Group of Companies of alleged violation of the Data Privacy Act (DPA) over the supposed breach of election data during the 2022 national and local polls. This was announced by Comelec spokesperson Rex Laudiangco in a press statement…
MN: Mayo Clinic settles another lawsuit stemming from insider-wrongdoing
Andy Brownell reports: The Mayo Clinic has apparently settled another lawsuit stemming from a data breach by a former Mayo Clinic employee. The lawsuit was filed in November 2020 by Olga Ryabchuk and sought class-action status on behalf of the more than 1600 Mayo Clinic patients who had their medical records improperly accessed. The case was officially…
HHS issues two warnings: one about Royal & BlackCat Ransomware, and one about AI’s potential use in malware
HHS issued two reports or advisories this past week. The first was a 67-page report on Royal & BlackCat Ransomware and the threat that they pose to the healthcare sector. The second publication was an HC3 Analyst Note, Artificial Intelligence and Its Current Potential to Aid in Malware Development. Related to this issue, see Russian…
NYS Comptroller releases another school district IT audit
Frankfort-Schuyler Central School District – Information Technology Assets and Network Access (2022M-151) Released December 30, 2022 Background The District serves the Towns of Frankfort and Schuyler in Herkimer County. The District is governed by the Board of Education (Board), which is composed of seven elected members. The Board is responsible for the general management and…
DNV Confirms Ransomware Attack Impacting 1,000 Ships
Mike Schuler reports: Classification society DNV is confirming that a recent ransomware cyber attack on its fleet management software has impacted around 1,000 ships. The cyber attack was discovered on the evening of Saturday, January 7, on its ShipManager fleet management and operations platform, forcing the class society to shut down the software’s IT servers. DNV now…
European data protection authorities issue record €2.92 billion in GDPR fines
Michael Hill reports: European data regulators issued a record €2.92 billion in fines last year, a 168% increase from 2021. That’s according to the latest GDPR and Data Breach survey from international law firm DLA Piper, which covers all 27 Member States of the European Union, plus the UK, Norway, Iceland, and Liechtenstein. This year’s biggest fine…