Remy Samuels reports: A participant in a retirement plan managed by J.P. Morgan Chase & Co. has initiated legal action against the company following recent reports of a data breach where over 451,000 plan participants’ personal details were exposed, According to the lawsuit filed in the U.S. District Court for the Southern District of New York on May…
UK opens investigation of MoD payroll contractor after confirming attack
Connor Jones reports: UK Government has confirmed a cyberattack on the payroll system used by the Ministry of Defence (MoD) led to “malign” forces accessing data on current and a limited number of former armed forces personnel. There is no evidence to suggest that the criminals who broke into the systems actually removed any data,…
One year on, University System of Georgia admits MOVEit attack hit data of 800k people
Connor Jones reports: Just short of a year after the initial incident, the state of Georgia’s higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people. University System of Georgia (USG), which oversees 26 higher education institutions in the state, filed a disclosure with…
Patient appointments imperiled by cyberattack on French radiologist
Alexander Martin reports: Coradix-Magnescan, a French company that provides medical radiological imaging, has warned patients it is currently dealing with a cyberattack that risks “complicating” their appointments. Based in Perpignan in southern France, just north of the Pyrenees mountains and close to the Mediterranean Sea, the company said at this point there is no evidence…
Brazilian Data Protection Authority approves data breach notifying regulation
Cristiane Manzueto, Rodrigo Leal, Ana Letícia Allavato, and Diego Semeraro of Mayer Brown write: Resolution No. 15, of April 24, 2024, of the Brazilian Data Protection Authority (“ANPD”), approved the Data Breach Notifying Regulation (the “Regulation”). The Regulation establishes procedures for data controllers to notify subjects of data breaches, as required by Article 48 of…
Will feds reveal anything exciting about LockBit and LockBitSupp? (YES!)
LockBit’s old leak site — the one seized by a coalition of law enforcement agencies under Operation Cronos — has been resurrected. As it did in February when LockBit victim listings were replaced by teasers about what information law enforcement would be releasing, the old leak site reappeared on Sunday with new teasers about what…