It is turning out to be a somewhat busy morning here because three new incidents in the healthcare sector reportedly involved ransomware or ransom attempts. DataBreaches was already aware that Medical Associates of the Lehigh Valley notified HHS of a breach impacting 75,268 patients, but their notification letter reveals that this was a ransomware attack….
Ambry Genetics Settles Class Action Lawsuit Over 2020 Data Breach for $12.3M
Genome Web reports: NEW YORK – Ambry Genetics has settled a class action lawsuit over a breach of personal customer data that occurred in 2020. According to the settlement agreement, filed Sept. 9 with the US District Court for the Central District of California, Ambry will pay $12.3 million into a settlement fund. Ambry, which is owned by…
Twitter’s cybersecurity flaws pose national security risk, whistleblower tells Congress
Kelsey Reichmann reports: Cybersecurity failures at Twitter are endangering users’ data and putting national security at risk, the company’s former security chief, Peiter “Mudge” Zatko, told lawmakers at a hearing on Tuesday. Zatko appeared before the Senate Judiciary Committee to testify about allegations he made against the social media giant earlier this year. In reports…
Singapore corporations making progress in preventing cyberattacks
It was a back-handed compliment of sorts: experienced hackers telling DataBreaches that it had gotten noticeably harder for them to successfully attack big corporations in Singapore. “The most difficult country to attack now, are Singapore companies,” they told DataBreaches in a chat. “A lot has changed since 3 years ago. It is hard to even…
It’s like a veritable fire sale on Indonesians’ personal data
Indonesia’s private data protection bill cleared another hurdle and could be voted into law this week. As Bloomberg reports: Data operators could face up to five years in jail and a maximum fine of 5 billion rupiah ($337,000) for leaking or misusing private information, according to Indonesia’s new data privacy bill set to be passed…
“Proactive cyber defense” to be introduced to critical infrastructure
The following is a machine translation of a Yomiuri news story: The government is considering introducing an “active cyber defense” system to detect signs of an attack and identify the source of the attack in order to strengthen defense against cyber attacks on critical infrastructure such as communications and electricity. Adjustments will be made in…