NY: DFS Superintendent Adrienne A. Harris Announces Updated Cybersecurity Regulation 

Amends First-In-The-Nation Cybersecurity Regulation Created in 2017 in Response to Increasingly Sophisticated Technologies and Threats   The Department Seeks Comments on the Proposed Regulation During the Next 60 Days  Superintendent of Financial Services Adrienne A. Harris announced today that the New York State Department of Financial Services (DFS) proposed an updated cybersecurity regulation. DFS’s original regulation,...

State hit by largest sustained Election Day cyberattack warns ‘it’s only going to get worse’

Mark Albert reports: The longest sustained cyberattack against election websites in America on Election Day did not affect any votes but caused disruptions to voters’ efforts to determine their polling locations and access other information, Michael Watson, Mississippi’s secretary of state, said in his first interview about the attack. Watson, the state’s top election...

Taking down a ransomware hacker

An FBI investigation into a criminal ransomware gang believed to be tied to Russia led to a Canadian government employee in Gatineau, the largest cryptocurrency seizure in Canadian history and hundreds of victims around the world. Roxanna Woloshyn, Marie-Maude Denis and Linda Guerriero report: In the early morning hours of Jan. 27, 2021, two...

Arkansas county offices working without computers during possible breach

Bill Bowden reports from Arkansas: Across Arkansas, many county government employees were working without computers on Wednesday after a Rogers-based information technology company told them to shut down computer servers because of a possible security breach. “They’re telling us not to even turn them on, period,” said Stephen Willis, the Newton County assessor in...

Manitoba’s healthcare privacy breach numbers ‘truly alarming’

Katrina Clarke reports: Manitoba hospital workers have breached patients’ privacy more than 1,000 times in the last three years — but how many were disciplined and what consequences they faced is unclear. It’s an issue one ethicist calls “alarming,” saying the public deserves to know more about workers snooping into sensitive files. Data obtained...

Were hospital attacks in Osaka linked to a supply chain attack on lunch service by “Phobos?”

Asahi Shimbun reports (machine translation): The social medical corporation “Seichoukai” (Naka Ward, Sakai City), which operates general hospitals in Osaka Prefecture, announced on the 7th that it had been damaged by a cyber attack caused by ransomware. School lunch delivery services that deliver meals to affiliated hospitals are said to be affected. This school...

Ransomware attacks: is there a case for paying up?

Hannah Murphy reports: To pay or not to pay? For companies unfortunate enough to be hit by a ransomware attack, that is the crucial question. Ransomware attacks — in which cyber criminals lock up a victim’s data or computer system and release it only if a ransom is paid — exploded in 2020 and...

Hackers release Australian health insurer’s customer data

While those of us who report on ransomware groups may not be sure whether to refer to the group responsible for a ransomware attack on Medibank as “REvil”  or “BlogExx,” the more important story is that the hackers did start leaking data stolen from Medibank. The data, published on the dark web, included screencaps...

IL Champaign County Clerk reports cyber-attacks on servers

Melissa Coyne reports: The Champaign County Clerk’s office is reporting that computer server performance is being impacted by cyber-attacks on the network and servers. The Champaign County Clerk said the website has been the target of repeated D-DOS attacks for the past month, fortunately the reinforced security and response from the Clerk’s IT team...