This week, law enforcement from 19 countries severely disrupted one of the world’s largest phishing-as-a-service platform, known as LabHost. This year-long operation, coordinated at the international level by Europol, resulted in the compromise of LabHost’s infrastructure. Between Sunday 14 April and Wednesday 17 April a total of 70 addresses were searched across the world, resulting…
Hong Kong private hospital given 4 weeks to submit report over US$10 million ransomware attack
Cannix Yau reports: Hong Kong health authorities have told a private hospital it has four weeks to submit a detailed report after it was hit by a malicious cyberattack and refused to pay a US$10 million ransom. The Department of Health said on Saturday that it was investigating the incident at Union Hospital in Tai…
Resource: U.S. State Data Breach Notification Laws
There’s an update to Foley & Lardner’s resource on U.S. state data breach notification laws. They explain what their resource applies and what it doesn’t apply to: While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches…
Medical records of millions stolen in Turkish state hospital data leak
Duvar English reports: A cyber attack on the Bağcılar Training and Research Hospital in Istanbul has leaked all confidential medical records, including X-ray scans and test results, taken at the hospital since 2007, according to reporting by the online news outlet Diken. The hackers attacked the information management system on April 12, heavily damaging the visual archive…
NIS2 implementation enters the final stretch – six months to deadline
Mark Young, Paul Maynard, and Aleksander Aleksiev of Covington and Burling write: In six months’ time, on 17 October 2024, Member State laws that transpose the EU’s revised Network and Information Systems Directive (“NIS2”) will start to apply. As described in more detail in our earlier blog post (here), NIS2 significantly expands the categories of…
Moldovan Botnet Operator Indicted for Role in Conspiracy to Unlawfully Access Thousands of Infected Computers Throughout the United States
From the U.S. Attorney’s Office, Western District of Pennsylvania on April 16, 2024: Note: Click here to view the wanted poster for Alexander Lefterov PITTSBURGH, Pa. – A Moldovan national has been indicted by a federal grand jury in Pittsburgh for computer fraud crimes, aggravated identity theft, and conspiracy to commit wire fraud, United States Attorney…