Ellie Fullalove reports (machine translation follows): A data leak involving an online platform used to transfer data from antigen tests carried out at pharmacies to the government platform SI-DEP has made 700,000 covid test results public, along with personal information. The platform known as Francetest was alerted to the bug in its system by the…
Dallas police data loss nearly triple initial estimate
The Associated Press reports that the amount of data missing from Dallas’s computer database is almost triple the initial estimate of files lost during a data migration involving Dallas Police files. About 15 terabytes of police data are missing besides the 7.5 terabytes initially thought to be lost, city spokeswoman Janella Newsome said. Read more…
Sturdy Hospital in Attleboro sued over data breach
George W. Rhodes reports: A class action lawsuit has been filed against Sturdy Memorial Hospital alleging it failed to properly protect personal patient information that was stolen in a ransomware attack earlier this year. […] “Defendant maintained and secured the PII (personally identifiable information) in negligent manner by failing to safeguard against ransomware attacks,” the…
VaxiCode flaw: Quebec refused to give immunity to the whistleblower
Thomas Gerbet reports (machine translation follows): Contrary to what the Minister of Digital Transformation, Eric Caire, said, the Quebec government has never offered immunity to the computer scientist who discovered the security flaw in the VaxiCode health passport application. Exchanges of emails obtained by Radio-Canada reveal the underside of this affair and show that the…
A holiday is coming, which means you may be more likely to be hit with a ransomware attack. Read the government’s advice.
It’s not really news that attackers may attack over a weekend when there are fewer IT people working to detect and respond to attacks. That’s also true for ransomware attacks. Read the government’s new advisory and see if you can implement or prepare better for the possibility of a ransomware attack. Immediate Actions You Can…
Singapore adds a third bug bounty program – this time to fortify government digital services
Laura Dobberstein reports: Singapore’s governmental digital services arm, GovTech, has launched a “rewards programme” to further crowdsource tests of the nation’s cybersecurity. The Vulnerability Rewards Programme (VRP) joins the Government Bug Bounty Programme (GBBP) and the Vulnerability Disclosure Programme (VDP), all of which work alongside the government’s own security checks. Read more on The Register.