Decisions by the Personal Data Protection Commissioner of Singapore
The Personal Data Protection Commissioner of Singapore announced several new decisions this week. Here are three of them: A financial penalty of $2,000 was imposed on Southaven Boutique for failing to...
View ArticleHackers Know Where You’ve Been Driving: General Motors Discloses Data Breach
Lucas Ropek reports: General Motors suffered a hack that exposed a significant amount of sensitive personal information on car owners—names, addresses, phone numbers, locations, car mileage, and...
View ArticleHacker Steals Database of Hundreds of Verizon Employees
Lorenzo Franceschi-Bicchierai reports: A hacker has obtained a database that includes the full name, email address, corporate ID numbers, and phone number of hundreds of Verizon employees. …. The...
View ArticleToday’s exercise in reading between the lines
A recent notification by Aon had DataBreaches wondering exactly what went on with their incident response. Consider their description of what happened: What Happened? On February 25, 2022, Aon...
View ArticleAre victims of Netgain ransomware incident first being notified now?
Accounting firm Perkins & Co. in Portland Oregon has submitted a notification to the Vermont Attorney General’s Office about a breach that goes back to 2020 — the Netgain ransomware incident that...
View ArticlePegasus Airlines data breach exposes 6.5TB of flight and crew data
Pegasus Airlines, a Turkish low-cost carrier, has accidentally leaked around 6.5TB of personal information of flight crew, flight data, and source code after misconfiguring an AWS bucket. Read more at...
View ArticleNovartis says no sensitive data was compromised in cyberattack
Lawrence Abrams reports: Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. Industrial Spy is a hacking group that...
View ArticleAU: Researcher finds ACY Securities leaking 60 GB of User Data
ACY Securities describes itself as one of Australia’s fastest growing multi-asset online CFD trading providers. But as first reported by HackRead, the trading firm was leaking 60 GB of user data until...
View ArticleData breach lawsuits settle: UPMC vendor and a holding company for department...
Two potential class action lawsuits involving data breaches have reportedly settled. One awaits final approval in October, but the other settlement is already final. University of Pittsburgh Medical...
View ArticleShoprite Group issues warning on ‘suspected data compromise’
TimesLive reports: The Shoprite Group said on Friday evening it had become aware of a suspected data compromise, including names and ID numbers, which may affect some customers who engaged in money...
View ArticleAnalysis of the Fourth Circuit’s Opinion in In re Marriott International, Inc.
Gargi Chaudhuri and James Masella, III of Patterson Belknap Webb & Tyler LLP write: On April 21, 2022, the United States Court of Appeals for the Fourth Circuit affirmed the dismissal by the United...
View ArticleMorocco court in favor of extraditing a French national alleged to be...
French news wires report that Morocco’s Court of Cassation has issued an opinion favorable to extraditing French national Sebastien Raoult to the U.S. to face criminal charges related to alleged...
View ArticleBits ‘n Pieces
Updating some HHS reports: First Choice Community Health Care reported its ransomware attack to HHS on August 1 as impacting 101,541 patients. BHG Holdings / Behavioral Health Group reported its...
View ArticleSCOOP: ista International takes systems offline in wake of ransomware attack;...
ista International GmbH is a multinational company that manages data and processes that make buildings climate-friendly, safe and comfortable. As they describe themselves: We see the future of our...
View ArticleCISCO got hit… and immediately took control of the story
It is the kind of story destined for big headlines. The Yanluowang group announced today that they had attacked CISCO. But instead of them controlling the story, CISCO seems to have immediately taken...
View ArticleFormer Twitter Employee Found Guilty of Acting as an Agent of a Foreign...
A federal jury yesterday convicted a former Media Partnerships Manager for the Middle East/North Africa (MENA) region at Twitter of acting as a foreign agent without notice to the Attorney General,...
View ArticleMalware attacks reported by three Japanese entities
Two of the following incidents occurred in June; the first one is recent: WDB Holdings Co. Ltd confirms ransomware attack WDB Group (WDB Holdings) issued the following statement on August 2: Since...
View Article$8 Million Multistate Settlement Resolves 2019 Waa Data Breach Investigation
Kirk Nahra and Amy Gopinathan of Wilmer Hale write: State Attorneys General settle with Wawa, Inc. for 2019 data breach that compromised approximately 34 million payment cards used by consumers. On...
View ArticleLockbit, Hive, and BlackCat attack automotive supplier in triple ransomware...
Linda Smith, Rajat Wason, and Syed Zaidi of Sophos write: In May 2022, an automotive supplier was hit with three separate ransomware attacks. All three threat actors abused the same misconfiguration –...
View ArticleJudge Investigates Alex Jones’ Legal Team After Sandy Hook Medical Records...
Mary Papenfuss reports: The judge in a Sandy Hook defamation lawsuit against far-right conspiracy podcaster Alex Jones has launched an investigation of his legal team after the medical records of...
View Article
