Eileen Yu reports: Indonesia finally has passed its personal data protection law that has been in discussions since 2016. The government believes the new Bill will be critical amidst a spate of data security breaches in the country. Indonesia’s House of Representatives earlier this month approved the Personal Data Protection (PDP) Bill, paving the way…
Gag order issued to stop release of information stolen by hackers
The Tirana Times reports: With publication on the web of documents stolen by Iran-linked hackers from Albanian State Police servers, the Prosecutor’s Office of Tirana has ordered media to stop publishing any stories sourced from data published by the authors of the cyberattack. Many Albanian media say the order amounts to censorship, a stance backed…
Uber links breach to Lapsus$ group, blames contractor for hack
Sergiu Gatlan reports: Uber believes the hacker behind last week’s breach is affiliated with the Lapsus$ extortion group, known for breaching other high-profile tech companies such as Microsoft, Cisco, NVIDIA, Samsung, and Okta. The company added that the attacker used the stolen credentials of an Uber EXT contractor in an MFA fatigue attack where the contractor was flooded with two-factor authentication (2FA)…
Revolut hit by ‘phishing’ cyberattack
Ben Martin reports: A cyberattack on Revolut has compromised the personal details of more than 50,000 people. The breach at the app-based payments company occurred last Sunday night after a Revolut employee was caught out by a phishing scam. The attack has affected 50,144 people and involved an unauthorised third-party accessing some of their details,…
Bosnia and Herzegovina investigating alleged ransomware attack on parliament
Jonathan Greig reports: Prosecutors in Bosnia and Herzegovina are investigating a wide-ranging cyberattack that has crippled the operations of the country’s parliament. For nearly two weeks, the website for the country’s parliament has been down, and local news outlet Nezavisne spoke with several lawmakers who said they were told to not even turn on their computers, barring them from…
ClearBalance, Bricker & Eckler settle data breach lawsuits involving patient data
To follow up on two previously reported breaches involving protected health information, here are two class action settlements that involve business associates: CSI Financial Services aka ClearBalance In July 2021, DataBreaches reported a breach at CSI Financial Services, aka ClearBalance, a firm that services loans made by hospitals and providers to patients who need to…