February 8, 2024 at 10:45AM Two French healthcare payment service providers, Viamedis and Almerys, experienced data breaches impacting 33 million individuals. The exposed data includes personal and insurance details, but not financial information. The breaches could lead to phishing, identity theft, and insurance fraud risks. The General Data Protection Regulation (GDPR) will require Viamedis and … Read more
February 8, 2024 at 10:06AM Hospitals and medical device manufacturers must collaborate to protect personal health information from cyber threats. This shared responsibility model requires manufacturers to embed security controls in products, while hospitals ensure their proper use. Manufacturers provide guidelines and materials for hospitals to optimize security measures. Collaboration is vital to maintain a … Read more
February 7, 2024 at 03:18PM Danish data protection authority orders 53 municipalities to stop sending student data to Google without a legal basis. They must document data processing, ensure Google complies with regulations, and limit data use to authorized purposes. The authority allows use of Google Workspace for educational services but restricts other purposes. Municipalities … Read more
February 6, 2024 at 09:04AM Three high-risk vulnerabilities have been found in Microsoft Azure’s HDInsight, impacting data security. The bugs open the door to performance issues and unauthorized access, allowing attackers to manipulate data and system operations. Azure’s HDInsight, used by major corporations, houses valuable information, emphasizing the need for diligent patching to protect sensitive … Read more
February 5, 2024 at 02:38PM US healthcare organizations are warned by Taylor Lehmann that treating the government’s new cybersecurity performance goals as optional could have significant consequences. The goals, likely to become mandatory regulations, are designed to improve organizations’ cybersecurity posture. This is especially crucial as healthcare providers are increasingly targeted by cybercriminals, endangering patient … Read more
February 4, 2024 at 12:19PM Cloudzy enhances cybersecurity through a collaboration with Recorded Future, introducing comprehensive threat intelligence and refining its threat detection system, CloudzPatrol. The company prioritizes ethical enforcement, updating its acceptable use policy, and emphasizes maintaining a secure and resilient platform. Cloudzy aims to deliver a secure, innovative, and personalized cloud experience while … Read more
February 4, 2024 at 10:42AM Clorox incurred $49 million in costs following a cyberattack in 2023, leading to system shutdowns, order processing delays, and product shortages. The company anticipates an additional $50-$60 million in costs in 2024. While it suspects the attack may have been ransomware, details about the attack remain undisclosed. Dominic Alvieri suggested … Read more
February 4, 2024 at 10:42AM The FTC settled with Blackbaud over a data breach due to poor security practices. Hackers accessed sensitive customer data, and Blackbaud initially downplayed the breach. They paid a ransom and failed to ensure deletion of stolen data. As part of the settlement, Blackbaud must develop an improved security program and … Read more
February 4, 2024 at 10:42AM Dutch regulators fined Uber 10 million euros for lack of transparency in handling driver’s personal data, following complaints from 170 French drivers. The Dutch Data Protection Authority found Uber complicated the process for drivers to access their data, and lacked clarity on data retention and security measures. Uber has appealed … Read more
February 1, 2024 at 05:44PM Companies in finance and health care need to adopt TLS 1.3 for cyber security, but it complicates data audits. NIST released guide SP 1800-37 to help implement TLS 1.3 and conduct network monitoring and auditing securely. It addresses challenges, offering techniques for key access and securing data. NIST is seeking … Read more