Rahul Verma reports: The Indian government has introduced a new IT policy that requires virtual private network companies (VPNs) to collect extensive customer data and maintain it for five years or more. The directive came from Computer Emergency Response Team, CERT-in. The new policy lists data centers and crypto exchanges under the same provision. The…
India to introduce six-hour data breach notification rule
Stephen Pritchard reports: Organizations in India face a six-hour data breach reporting deadline, following the introduction of new rules by the country’s computer emergency response team, CERT-In. The new rules will apply to critical parts of India’s network and IT infrastructure, including service providers, data centers, government organizations, and corporations. Read more at TheDailySwig.
Update: U.S. v. Robert Purbeck aka “Lifelock”
Long-time readers may recall that in 2017 and 2018, DataBreaches.net reported on hacks of two medical practices by someone calling himself “Lifelock.” DataBreaches’ past reporting on him can be found in this July, 2017 post (see comments under the post), in two 2018 posts, and then a post in response to a press release from…
Another school district notifies parent of Illuminate breach
Natalie Chuck reports that another district in Colorado has sent letters to parents about the breach at Illuminate Education that impacted more than 820,000 students in New York City as well as 24 other districts and 18 charter schools in NY: Someone, somewhere knows details about thousands of students in southern Colorado after a data…
On Password Day, a Chilling Observation
It’s Password Day, and this is as good a time as any to mention that Britton White and I have been collaborating on some research expanding on his investigation into infostealers. We will be reporting on that work in the near future, hopefully. But in the meantime, Britton posted this today about something he found:…
Anonymous Leak 82GB of Police Emails Against Australia’s Offshore Detention
Waqas reports: On Monday, May 2nd, 2022, the Anonymous collective released 82GB worth of emails apparently belonging to the Nauru Police Force. According to Anonymous, the data leak was in protest against the alleged ill-treatment of asylum seekers and refugees carried out by Island authorities on behalf of the Australian government. For your information, Nauru is a…