News

Ransomware attacks target Virginia Tech, no data believed stolen

Amy Friedenberger reports Virginia Tech was the target of two cyberattacks recently. The most recent attack was part of the Kaseya incident.  An earlier attack in May reportedly involved an attempt to encrypt the university’s server.  In neither case was there any evidence of data exfiltration. Read more on The Roanoke Times.

Ca: Revelstoke Mountaineer white-hat notification of data security issues causes City of Revelstoke to disable emergency notification system

Aaron Orlando reports: The City of Revelstoke has disabled its emergency notification system after revelstokemountaineer.com notified the city of data security issues with the system. The city’s opt-in emergency alert system sends emails or text messages to subscribers. The system notifies subscribers on a range of city communications, including emergency communications. Read more on...

The new minimization technique for breach disclosures?

Remember when “We take  your privacy and security very seriously” became de rigueur in breach disclosures? Now there’s other language being frequently added to breach disclosures — language that makes it sound like what the entity is about to tell you is really no huge deal, but if you feel you really need to...

Dark Web Price Index 2021

Information in this report reflects data collected on May 9, 2021 and reported by Privacy Affairs.  They report their methodology was to: “scan dark web marketplaces, forums, and websites, to create an index of the average prices for a range of specific products.” Their findings are also compared to what they found in 2020....

WI: Governor Evers Signs Law to Enhance Insurance Cybersecurity Measures

July, 15 — Madison, Wis. — Today, Governor Tony Evers signed Act 73 into law creating new cybersecurity requirements for protecting data collected by the insurance industry. “From ransomware to data breaches, insurers and consumers are at an increasing risk of experiencing a serious cybersecurity incident,” said Insurance Commissioner Mark Afable. “The new consumer protections in this...

Ransomware attack at Comparis resulted in data breach

SwissInfo.ch reports: Last Wednesday Comparis.ch, which has 80 million visits a year, was shut down by ransomware attackers demanding $400,000 (CHF370,000) in cryptocurrencies to put it back online. By Friday the website was operational again. A Comparis spokesman told SWI swissinfo.ch that no ransom had been paid. The company initially said it believed that no...

An insurtech startup exposed thousands of sensitive insurance applications

Zack Whittaker reports: A security lapse at insurance technology startup BackNine exposed hundreds of thousands of insurance applications after one of its cloud servers was left unprotected on the internet. BackNine might be a company you’re not familiar with, but it might have processed your personal information if you applied for insurance in the...