Feb 202019
 

Ertuğrul Can Canbolat LL.M., Baran Can Yildirim, LL.M. and S. İrem Akin of Actecon write:

Article 12 of the Turkish Data Protection Law No. 6698 (“TurkishData Protection Law“) entitled “Obligations Regarding Data Security” deals with the obligations of the data controller.

Article 12/1 of the Turkish Data Protection Law states the data controller shall take all necessary technical and organizational measures to provide a sufficient level of security. In addition, Article 12/5 of the Law obliges the data controller to notify the Board of Protection Personal Data (“Board“) as well as data subjects in case personal data is acquired through unlawful means by stating that “in case processed personal data are acquired by others through unlawful means, the data controller shall notify the data subject and the Board of such situation as soon as possible. The Board, if necessary, may declare such situation on its website or by other means which it deems appropriate.”

Read more on Mondaq.

h/t, @CampusCodi

Feb 192019
 

The wait for the victims of GandCrab is over: a new decryption tool has been released today for free on the No More Ransom depository for the latest strand of GandCrab, one of the world’s most prolific ransomware to date.

This tool was developed by the Romanian Police in close collaboration with the internet security company Bitdefender and Europol, together with the support of law enforcement authorities from Austria, Belgium, Cyprus, France, Germany, Italy, the Netherlands, UK, Canada and US FBI.

In addition to versions 1, 4 and early versions of 5, the new tool resolves infections with version 5.0.4 through 5.1 – the latest version developed by the cybercriminals.

WHY THE FUSS?

GandCrab has surpassed all other strains of ransomware in 2018, having infected over half a million victims since it was first detected in January last year.

Back in October, a decryption tool was made available covering all but two versions of the then existing versions of the malware. This tool followed an earlier release back in February. Downloaded more than 400 000 times so far, these two tools have helped close to 10 000 victims retrieve their encrypted files, saving them some USD 5 million in ransomware payment.

The GandCrab criminals have since released new versions of the file-encrypting malware, all of which are covered by the tool released today.

The best cure against ransomware remains diligent prevention. Users are strongly advised to use a security solution with layered anti-ransomware defences, regularly back up their data and avoid opening attachments delivered with unsolicited messages.

Find more information and prevention tips on www.nomoreransom.org

Feb 192019
 

John Leyden reports:

Calls recorded by a Swedish national health service hotline were stored on an unencrypted system that was publicly accessible to anyone with an internet connection, it has emerged.

An estimated 2.7 million phone calls were discovered to have been left open by an unprotected NAS (network attached storage) system, and were accessible without a password or any authentication, according to local reports.

Wav on MP3 files were reportedly stored but are no longer available.

An estimated 170,000 hours of calls dating back to 2013 were exposed, tech title ComputerSweden reports.

Read more on The Daily Swig.

Feb 172019
 

emptywheel writes:

JP Stadtmueller, the judge who will preside over MalwareTech (Marcus Hutchins’) case, last week denied his pretrial motions to get his post-arrest interview and all the charges of his indictment thrown out.

So right, that’s not great news for Marcus, or even good news. But to get a better understanding of how the case is shaping up, read emptywheel’s analysis and commentary on her blog.

Feb 152019
 

Yet another healthcare provider has revealed that they were hacked by thedarkoverlord (TDO).  Dr. Robert Spies, a plastic surgeon in Scottsdale, Arizona, has notified HHS and his patients of the hackers’ attempt to extort the practice.

Although he does not name the hackers responsible in a notice on his web site, Dr. Spies explains:

On December 10, 2018, we became aware cyber criminals gained unauthorized access to our computer network. We immediately contacted the FBI and local law enforcement authorities and have been cooperating with their investigations. We also engaged computer experts to determine if our systems and information were at risk. The investigation determined that the criminals could have viewed or accessed documents that contained patients’ personal and medical information, including names, addresses, dates of birth, procedure notes, diagnoses, medications and health insurance numbers. For a small handful of patients, the criminals could have viewed Social Security, driver’s license and/or passport numbers, if provided for verification purposes, a credit card number or financial account number, or pre-op photos. At this time, there is no evidence that patient information has been misused.

His report is entirely consistent with other information DataBreaches.net had obtained about this incident. In December,  thedarkoverlord had posted a notice on KickAss that said:

We’ve hacked a high-end plastic surgery business located in Arizona, United States. This surgery center is owned by Doctor Robert J. Spies and operates on celebrity patients. His website is (www.azplasticsurgerycenter.com). We’ll share some of his data with yoou, since he’s refused our most handsome business proposition.

Link: (link redacted by DataBreaches.net, even though it is no longer live).

If you’d like to let him know how foolish he’s been, you can SMS his mobile at (redacted by DataBreaches.net) or his e-mail at (redacted by DataBreaches.net).

The sample data was a 531.8 MB archive with folders containing “Dictations”  (75 files), “Photos” (more than 160 photos),  and “Patient ID Verification” (4 files).  The Dictations folder and Photos folder contained more than one file or image for some patients, so these were not all unique patients in each folder.

Many of the photos in the archive released by the hackers would permit identification of patients because in some cases, you can see the patients’ faces, and in other cases, the filenames for the photos may contain the patient’s first initial and last name.

DataBreaches.net is not reproducing any of the data from the archive the hackers provided.

Inspection of the meta data suggests that the newest dictation files were created December 5, 2018 and related to services or consultations conducted on November 28, 2018.

As with their hack of the London Bridge Plastic Surgery Center,  TDO may have hoped that people — especially celebrities — would pay good money not to have their before, during, or after pictures of plastic surgery released publicly.  Whether TDO is privately trying to extort patients directly is unknown to this site, but Dr. Spies seems to have refused to pay them, and has reported the incident to law enforcement, HHS, and his patients.  According to his notification to HHS,  he has notified 5,524 patients.