There’s a new Joint Cybersecurity Advisory (Product ID: AA22-074A) SUMMARY: The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitation of default MFA protocols and a known vulnerability. As early as…
Sg: 26 months’ jail for man who stalked SMU peer, hacked email accounts, leaked others’ sex videos
Louisa Tang reports: A 30-year-old man who committed a string of offences such as stalking a fellow Singapore Management University (SMU) student and hacking into her boyfriend’s email account in a bid to “protect” her, was jailed for two years and two months on Wednesday (March 16). Shaun Sinclair Lau Wei Kit’s actions led to the couple…
FTC Takes Action Against CafePress for Data Breach Cover Up and Poor Security
The FTC has taken enforcement action against CafePress stemming, in part from a 2019 data breach previously reported on this site. In December, 2020, seven states settled charges with CafePress. The Federal Trade Commission today took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and…
East Tennessee Children’s Hospital Statement on Security Issue
Published on March 14, 2022 East Tennessee Children’s Hospital has been a victim of an information technology security issue in the evening hours of Sunday, March 13, 2022. Maintaining the safety and security of our patients and their care is our top priority. We are still able to care for our patients. Our cyber forensics teams…
Comprehensive Health Services Pays False Claims Act Settlement Involving EMR Security
Marianne Kolbasuk McGee reports: A healthcare services contractor has agreed to pay a $933,000 settlement in a federal whistleblower case involving alleged false claims by the entity about the security of electronic medical records containing the information of military personnel, diplomats and contractors. The settlement is the first under the Department of Justice’s Civil Cyber-Fraud Initiative,…
Ireland’s privacy watchdog sued for inaction over ‘massive Google data breach’
Natasha Lomas reports: Ireland’s evasive response to a major security complaint filed against Google’s adtech the year the European Union’s General Data Protection Regulation (GDPR) came into application is the target of a new lawsuit — which accuses the Data Protection Commission (DPC) of years of inaction over what the complainants assert is “the largest…