Tommy Liu and Kenneth Cheung of Hogan Lovells write: In late June 2024, the Security Bureau of the Hong Kong SAR Government (the “Government”) proposed the first specific cybersecurity legislation in Hong Kong, tentatively entitled the Protection of Critical Infrastructure (Computer System) Bill (the “Bill”), to strengthen the security of the computer systems of critical…
Microchip Technology confirms data was stolen in cyberattack
Sergiu Gatlan reports: American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang. Headquartered in Chandler, Arizona, the chipmaker has around 123,000 customers from multiple industry sectors, including industrial, automotive, consumer, aerospace and defense, communications, and computing…
Iran pays millions in ransom to end massive cyberattack on banks, officials say
Matthew Karnitschnig reports: A massive cyberattack that hit Iran last month threatened the stability of its banking system and forced the country’s regime to agree to a ransom deal of millions of dollars, people familiar with the case say. An Iranian firm paid at least $3 million in ransom last month to stop an anonymous…
Under a quarter of rural hospitals are using White House’s free cyber resource program, official says
David DiMolfetta reports: Around 350 of some 1,800 small and rural U.S. hospitals are leveraging free and low-cost private sector cybersecurity resources that were marshaled by the White House this summer, a top White House cyber official said Tuesday. Deputy National Cyber Director for Cybersecurity and Emerging Technology Anne Neuberger provided the update at the…
UK: Trainee surgeon jailed for rape pleads guilty to data breach charges
Kirstie Newton reports: A trainee surgeon who was convicted of raping two women in Cornwall and Devon has also pleaded guilty to misusing patient records at hospital trusts. Salil Korambayil, aged 32, of Redhill in Surrey, attacked and raped two victims in their own homes after meeting them on social media. He denied three counts…
FTC Takes Action Against Security Camera Firm Verkada over Charges it Failed to Secure Videos, Other Personal Data and Violated CAN-SPAM Act
August 30, 2024 – The Federal Trade Commission will require security camera firm Verkada to develop and implement a comprehensive information security program to settle allegations the company failed to use appropriate information security practices, which allowed a hacker to access customers’ security cameras. Under a proposed order, which must be approved by a federal…