Alyssa DiSabatino reports: Canadian cyber insurance companies are now requiring businesses to offer multi-factor authentication (MFA) and have cybercrime/data breach response plans in place before qualifying for coverage. Prudent, since cybercrimes and ransomware attacks are on the rise – Canadians have lost $4.9 billion to ransomware attacks in the last year. Read more at Canadian…
FinalSite ransomware attack shuts down thousands of school websites
Lawrence Abrams reports: FinalSite, a leading school website services provider, has suffered a ransomware attack disrupting access to websites for thousands of schools worldwide. FinalSite is a software as a service (SaaS) provider that offers website design, hosting, and content management solutions for K-12 school districts and universities. FinalSite claims to provide solutions for over 8,000 schools and…
FlexBooker discloses data breach, over 3.7 million accounts impacted
Ionut Ilascu reports: Accounts of more than three million users of the U.S.-based FlexBooker appointment scheduling service have been stolen in an attack before the holidays and are now being traded on hacker forums. The same intruders are offering databases claiming to be from two other entities: racing media organization Racing.com and Redbourne Group’s rediCASE…
FTC Finalizes Order with Mortgage Analytics Firm, Requiring it to Strengthen Security Safeguards, Increase Oversight of Vendors
In December, 2020, the FTC announced a proposed settlement with Texas-based Ascension Data & Analytics after a security breach involving one of its vendors resulted in the exposure of, and unauthorized access to, consumers’ mortgage applications. One year later, the settlement received final approval, as the FTC announced on December 22: The Federal Trade Commission…
Administrative fine imposed on psychotherapy centre Vastaamo for data protection violations
A hack and extortion attempt involving the psychotherapy center in Vastaamo, Finland was — and remains — one of the worst breaches ever covered on PogoWasRight.org and DataBreaches.net because it involved the sensitive mental health information of tens of thousands of patients and a coverup by an executive of the clinic. Now EDPB has posted…
NZ: Vodafone accidentally sent a customer personal details of 18 other accounts
Some incidents that would seem “smallish” here make headlines elsewhere. But that’s actually helpful, as it reminds us all that avoidable human errors continue to occur and that even big corporations who should have lots of money to dedicate to data security and protection still fail to avoid all breaches. Melanie Carroll reports: A customer…