Collaborate Disseminate
Connor Jones reports: UK Government has confirmed a cyberattack on the payroll system used by the Ministry of Defence (MoD) led to “malign” forces accessing data on current and a limited number of former armed forces personnel. There is no … Continue reading UK opens investigation of MoD payroll contractor after confirming attack
Connor Jones reports: Just short of a year after the initial incident, the state of Georgia’s higher education government agency has confirmed that it was the victim of an attack on its systems affecting the data of 800,000 people. University Sys… Continue reading One year on, University System of Georgia admits MOVEit attack hit data of 800k people
Alexander Martin reports: Coradix-Magnescan, a French company that provides medical radiological imaging, has warned patients it is currently dealing with a cyberattack that risks “complicating” their appointments. Based in Perpignan in southern France… Continue reading Patient appointments imperiled by cyberattack on French radiologist
Cristiane Manzueto, Rodrigo Leal, Ana Letícia Allavato, and Diego Semeraro of Mayer Brown write: Resolution No. 15, of April 24, 2024, of the Brazilian Data Protection Authority (“ANPD”), approved the Data Breach Notifying Regulation (the “… Continue reading Brazilian Data Protection Authority approves data breach notifying regulation
LockBit’s old leak site — the one seized by a coalition of law enforcement agencies under Operation Cronos — has been resurrected. As it did in February when LockBit victim listings were replaced by teasers about what information law … Continue reading Will feds reveal anything exciting about LockBit and LockBitSupp?
A notification by Guardant Health, Inc. in California (“Guardant”) caught DataBreaches’ eye yesterday. Guardant is a laboratory that performs cancer screening tests on samples received from its physician and hospital partners. Patient information… Continue reading Guardant notifies patients of unintended information exposure going back to October 2020
Carl Campanile reports: More than 380,000 additional city public-school students had their personal data hacked in a massive cyber attack — bringing the total number of kids affected to well over 1 million, The Post has learned. The New York City Depar… Continue reading More than 380,000 additional NYC students had info breached in 2022 Illuminate Education hack
In December 2023, UW’s Fred Hutchinson Cancer Center (“Fred Hutch”) reported a November cyberattack that involved the exfiltration of patient data and attempted extortion of patients. DataBreaches contacted Fred Hutch on December 8 t… Continue reading Fred Hutch notifies more patients of November 2023 attack
A comment by Canadian attorney David Fraser caught my eye on Infosec.Exchange: This decision is going to be significant for all lawyers who work in cyber incident response and breach coaching. The IPC’s decision that forensic reports are NOT priv… Continue reading Forensic reports are NOT privileged — Ontario Divisional Court
What might happen to a company that has been making false claims about its system security for more than five years after experiencing a massive data breach? Will state attorneys general, the SEC, and the FTC investigate and possibly penalize them for … Continue reading Years later, Marriott admits data were not encrypted before its 2018 data breach. Now what?