The Sun reports: The government is planning to amend the Personal Data Protection Act of 2010 to include breach notification requirements that compel companies to inform authorities when a data breach happens in commercial transactions, said Digital Minister Gobind Singh Deo. Gobind said his ministry proposes to table the amendment at the next sitting of…
Germany’s Christian Democratic party hit by ‘serious’ cyberattack
Euractiv and Reuters report: Germany’s Christian Democratic Union (CDU), the country’s leading opposition party, has been hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure, authorities said on Saturday (1 June). “There was a serious cyber attack on the CDU network,” Germany’s Interior Ministry said…
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
The Hacker News reports: Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign. “We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and…
Davis County high school students are hacking the hackers behind phishing schemes
Don Brinkerhoff reports: A group of high school juniors in Davis County are hacking the hackers to protect phishing victims. “All my friends and peers around me got hacked,” said Charles Mortensen a Davis County student. Mortensen said in one case, a friend who’s in foster care had her Instagram account hacked. That was the…
Snowflake data breach claims spark war of words over culpability; researchers may have been trolled
Solomon Klappholz reports: Snowflake has pinned the blame on a series of high-profile data breaches in recent days on customers failing to adequately secure production environments by using two-factor authentication. In a statement on 2 June 2024, Snowflake CISO Brad Jones pushed back on claims that major data breaches involving Ticketmaster and Santander were caused by a vulnerability or misconfiguration in Snowflake’s platform. […] Cyber crime intelligence…
HHS OCR: Covered entities affected by the Change Healthcare breach may delegate tasks of providing HIPAA breach notifications to Change Healthcare
May 31 – Today, the U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) published an update to the frequently asked questions (FAQs) webpage concerning the Change Healthcare cybersecurity incident. The webpage, first published on April 19, 2024, provides answers to FAQs concerning the Health Insurance Portability and Accountability Act of 1996 (HIPAA)…