Brian O’Donovan reports: Bank of Ireland has been fined €463,000 by the Data Protection Commission for data breaches affecting more than 50,000 customers. It follows an inquiry into 22 personal data breach notifications that Bank of Ireland made to the Commission between 9 November 2018 and 27 June 2019. One of the data breach notifications…
Ransomware negotiations are taking longer (and that’s a good thing)
Joe Uchill reports: It’s taking longer to negotiate ransomware demands. That is a good thing. Law firm BakerHosteler, which handles more than 1,250 cyber-related incidents a year, said in its annual Data Security and Incident Response report that the typical ransomware negotiation for its clients in 2021 lasted eight days. That is roughly twice as long as…
Pentester for FIN7 sentenced for scheme that compromised tens of millions of debit and credit cards
Seattle – A Ukrainian man was sentenced today in the Western District of Washington to 5 years in prison for his criminal work in the hacking group FIN7. Denys Iarmak, 32, served as a high-level hacker, whom the group referred to as a “pen tester,” for FIN7. He was arrested in Bangkok, Thailand in November…
Ca: SLGA business partners should have figured out on their own that their data may have been stolen: minister
Geoff Leo reports on what sounds like an utterly unsatisfactory response by the government to questions as to why it didn’t directly notify those affected of a breach: The minister responsible for the Saskatchewan Liquor and Gaming Authority (SLGA) says the Crown corporation didn’t directly notify its business partners that their data may have been…
SuperCare Health notifies 318,379 patients of July breach
In March, Super Care, Inc. dba SuperCare Health, notified the California Attorney General’s Office of a breach. The home respiratory care provider’s notification explained that on July 27, 2021, they had discovered unauthorized activity in their system — activity that they subsequently learned began on July 23. In a notification to 318,379 patients sent on…
The Original APT: Advanced Persistent Teenagers
Brian Krebs reports: Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash…