Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a serious vulnerability in the popular Java logging package, Log4j (CVE-2021-44228) was disclosed, posing a severe risk to millions of consumer products to enterprise software and web applications. This vulnerability is…
UScellular discloses data breach after billing system hack
Segiu Gatlan reports: UScellular, self-described as the fourth-largest wireless carrier in the US, has disclosed a data breach after the company’s billing system was hacked in December 2021. The mobile carrier said in data breach notification letters sent to 405 impacted individuals that the attackers also ported some of the affected customers’ numbers using personal information stolen…
UK: Black Country hospital trust suffers ‘significant IT data loss’
Lisa O’Brien reports: The NHS trust which runs hospitals in Sandwell and Birmingham experienced a ‘significant IT data loss incident’ which ‘impacted upon staff and patient care’, a health chief has revealed. It is understood the incident happened last month and is said to have ‘disrupted’ over 20 systems across Sandwell and West Birmingham Hospitals…
Fired University of Utah researcher exposes breaches in student data
Chris Jones and Nadia Pflaum of KUTV report: Dr. Judith Zimmerman knew she was fired for doing the right thing. She was the lead investigator on a research project on autism in children, which she spearheaded at the Utah Department of Health. She brought that project, and a very sensitive database of data, to the…
Cyber attack on UK’s Defence Academy had ‘significant’ impact, officer in charge at the time reveals
Deborah Haynes reports: A cyber attack – possibly by China or Russia – hit the academic arm of the UK’s Ministry of Defence and had a “significant” impact, the officer in charge at the time has revealed. Air Marshal Edward Stringer, who retired from the armed forces in August, said the “sophisticated” hack – discovered…
Review of U.S. State Law Developments in 2021
Madeline Salinas and Libbie Canter of Covington and Burling write: As we look ahead at 2022, we here provide a quick wrap-up of key developments for U.S. state privacy laws in the past year: California Privacy Protection Agency is appointed and commences rulemaking. In June, the new California Privacy Protection Agency (CPPA) held its inaugural public meeting,…