Rosalind Ang reports: There has been a leak of OG department store customers’ personal data such as names, mobile numbers and dates of birth, said the retailer on Thursday (Jan 6). In a statement to OG members, the department store said it was notified on Tuesday about the data breach, which affected members who are in either…
Why Canadian cyber insurance companies are requiring businesses to use multi-factor authentication
Alyssa DiSabatino reports: Canadian cyber insurance companies are now requiring businesses to offer multi-factor authentication (MFA) and have cybercrime/data breach response plans in place before qualifying for coverage. Prudent, since cybercrimes and ransomware attacks are on the rise – Canadians have lost $4.9 billion to ransomware attacks in the last year. Read more at Canadian…
FinalSite ransomware attack shuts down thousands of school websites
Lawrence Abrams reports: FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and…
FlexBooker discloses data breach, over 3.7 million accounts impacted
Ionut Ilascu reports: Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. The same intruders are offering databases claiming to be from two other entities: racing media organization Racing.com and Redbourne Group’s rediCASE…
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
A hack and extortion attempt involving the psychotherapy center in Vastaamo, Finland was — and remains — one of the worst breaches ever covered on PogoWasRight.org and DataBreaches.net because it involved the sensitive mental health information of tens of thousands of patients and a coverup by an executive of the clinic. Now EDPB has posted…