Collaborate Disseminate
Joseph Cox reports: Google has accidentally collected childrens’ voice data, leaked the trips and home addresses of car pool users, and made YouTube recommendations based on users’ deleted watch history, among thousands of other employee-reported priva… Continue reading Google Database Reveals Thousands of Privacy Incidents
Solomon Klappholz reports: Snowflake has pinned the blame on a series of high-profile data breaches in recent days on customers failing to adequately secure production environments by using two-factor authentication. In a statement on 2 June 2024, Snow… Continue reading Snowflake data breach claims spark war of words over culpability; researchers may have been trolled
Matt Burgess reports: Russian cybercriminals are almost untouchable. For years, hackers based in the country have launched devastating ransomware attacks against hospitals, critical infrastructure, and businesses, causing billions in losses. But they’r… Continue reading Cops Are Just Trolling Cybercriminals Now
The New Yorker decided to make fun of security incident notices in a piece by Jay Katsir. From the notice’s “What Happened?” section: In or around November or February, 2018/24, we detected suspicious activity within our system. It wa… Continue reading Notice of Security Incident – The New Yorker
The Office of the Information & Privacy Commissioner for British Columbia issued the following statement on May 23 about a case that raises issues of transparency and claims of privileged information: LifeLabs has announced that it is seeking leav… Continue reading LifeLabs to appeal court’s decision to release Ontario IPC and BC OIPC breach investigation report
Kevin Beaumont writes: Yesterday, Microsoft CEO Satya Nadella sat down with the media to introduce a new feature called Recall, as part of their Copilot+ PCs. It takes screenshots of what you’re doing on constantly, by design. Previously, Kevin wrote: … Continue reading How the new Microsoft Recall feature fundamentally undermines Windows security – Beaumont
Marianne Kolbasuk McGee reports: More than 100 medical associations and industry groups representing tens of thousands of U.S. doctors and healthcare professionals have banded together to urge federal regulators to hold Change Healthcare responsible fo… Continue reading 100 Groups Urge Feds to Put UHG on Hook for Breach Notices
Michael Phillis and Matthew Daly report: Cyberattacks against water utilities across the country are becoming more frequent and more severe, the Environmental Protection Agency warned Monday as it issued an enforcement alert urging water systems to tak… Continue reading US says cyberattacks against water supplies are rising, and utilities need to do more to stop them
On September 25, 2023, Riverdale Mental Health d/b/a Mosaic Mental Health (“MOSAIC”) notified HHS of an incident that affected 7,281 patients. The incident was coded as a “hacking/IT incident” involving their network, but no fur… Continue reading Mosaic Mental Health notifies patients of breach
Financial and insurance organizations have been under increasing attack by Scattered Spider. Now there is more guidance for entities. Hunton Andrews Kurth notes: On May 14, 2024, the UK National Cyber Security Centre (“NCSC”) and three major UK insuran… Continue reading UK NCSC and Insurance Associations Publish Guidance on the Approach to Ransom Payments