Yesterday, DataBreaches.net reported on a hoax email sent from a government system by an individual who calls himself “Pompompurin” on Twitter (@Pompompur_in). Pompompurin had immediately claimed responsibility for the incident and gave out interviews left and right. Despite Pompompurin taking responsibility for the hoax email, Vinny Troia of NightLion Security and ShadowByte immediately claimed that…
Data Breach Rule for Health Apps Leaves Developers in the Dark
Christopher Brown reports: Makers of health apps are scrambling to understand the extent of their legal liability after a divided Federal Trade Commission announced they’re now required to inform users about data and privacy breaches—and if they have used their customers’ health data without authorization. The commission approved 3-2 a policy statement that the makers of health…
Officials confirm patient data stolen in N.L. cyberattack
CBC News reports: Officials have confirmed that personal information of medical patients in Newfoundland and Labrador has been stolen in the cyberattack that has wreaked havoc on the provincial health-care system for over two weeks. While speaking with reporters on Monday, Justice Minister John Hogan said it was his understanding that both patient and employee…
More Accusations About a Canadian Hacker in the Wake of a Hoax Email from FBI Portal
The email in my inbox on Friday night had the subject line, “Hey sexy,” and appeared to come from “[email protected]” <[email protected]>. Under normal circumstances, I would have just sent it to trash, but the Twitter user known to me as “Pompompurin,” had alerted me to check my email for what he described as a funny…
Data of 5.9m customers of RedDoorz hotel booking site leaked in Singapore’s largest data breach
Kenny Chee reports: The personal data of nearly 5.9 million Singaporean and South-east Asian customers of hotel booking site RedDoorz was found to have been leaked, in what the Government has called Singapore’s largest data breach. The Personal Data Protection Commission (PDPC) has fined local firm Commeasure, which operates the website, $74,000. This is much…
Critical Infrastructure Protection: Education Should Take Additional Steps to Help Protect K-12 Schools from Cyber Threats
GAO-22-105024 Published: Oct 13, 2021. Publicly Released: Nov 12, 2021. Highlights from the government report: What GAO Found Federal guidance, such as the National Infrastructure Protection Plan (National Plan), specify the roles and responsibilities of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Education’s Office of Safe and Secure…