pii (19)

12931457261?profile=RESIZE_400xIn an era where digital threats loom large, the world finds itself grappling with an unprecedented surge in cyber-attacks.  Yeah, no kidding.  The landscape of digital security has become a battlefield, with corporate networks experiencing a staggering 30% increase in weekly attacks in the second quarter of 2024 compared to the same period in 2023.  Yet, a recent study by Kiteworks, a provider of secure content communication solutions, has revealed a significant knowledge gap in the US regarding

12932553683?profile=RESIZE_400xSensitive information belonging to nearly one million Wisconsin residents was breached during the cybercriminal campaign last year that targeted the popular MOVEit file transfer service.  The Centers for Medicare & Medicaid Services (CMS), the federal agency that manages the Medicare program and the Wisconsin Physicians Service Insurance Corporation (WPS) said last week that they have begun notifying people whose personal information leaked after hackers exploited a vulnerability in the MOVEit s

12767226452?profile=RESIZE_400xADT Inc. said on 8 August a small percentage of its customers’ email addresses, phone number and postal addresses were stolen in a recent cybersecurity breach.  The security company that provides residential and small business electronic security, fire protection, and other related alarm monitoring services throughout the US said it took prompt steps to shut down unauthorized access to databases of customer order information.[1]

The company said it has no reason to believe any banking or credit

12665948064?profile=RESIZE_400xA cyber-attack on software provider CDK Global upended operations at car dealerships across the US on 19 June.  CDK spokesperson Lisa Finney said the company shut down most of its systems “out of an abundance of caution" for customers.  By that afternoon, the company had restored its core document management system and digital retailing solutions.  "We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online," Fin

12663682670?profile=RESIZE_400xA cyber-attack that sent US based Ascension hospitals and health care systems offline in May happened because a worker accidentally downloaded malware, officials said this week.   “Clinical operations” were affected at Ascension hospitals and medical centers, which operate in Michigan and 18 other states, when a cyber-attack forced the organization to transition to offline systems in early May.  It was later said that the attack was actually a ransomware attack, meaning someone (or a group) brok

12643915656?profile=RESIZE_400xIn an effort to shore up its reputation in the West, TikTok has taken measures to stop a cyber-attack targeting several brands and celebrity accounts, including news network CNN.  A spokesperson for the company said, "We have been collaborating closely with CNN to restore account access and implement enhanced security measures to safeguard their account moving forward."  TikTok said the number of accounts compromised is "very small" and it is working with affected account owners to restore acces

12434969868?profile=RESIZE_400xThe Federal Trade Commission (FTC) is aiming to roll out its long-awaited proposed rules governing commercial surveillance in the next few months, with a focus on ensuring that companies properly handle the data they harvest from the apps, websites and devices that consumers use.  According to two sources familiar with the agency’s plans, the rules will emphasize data security and data minimization, or the idea that companies should only collect the data they need to conduct business with consum

12330394290?profile=RESIZE_400xThe DNA testing company 23andMe was served with a class action lawsuit in California after cyber thieves gained access to personal data for at least a million clients. The lawsuit claims the popular DNA company “intentionally, willfully, recklessly, or negligently” failed to implement adequate safety measures to protect its customers whose birth year, location and ancestry trees were exposed during the attack.  “On no later than 6 October 2023, unauthorized third-party cybercriminals gained acce

12278611098?profile=RESIZE_400xMy question is, “Who has not stolen my personal information?”  Equifax, Home Depot, Target, Anthem, and the OPM have already lost my PII.  I recently declined an invitation to register with ID.me, https://www.id.me .  ID.me is an American online identity network company that allows people to provide proof of their legal identity online. ID.me digital credentials can be used to access government services, healthcare logins, or discounts from retailers.  This potential theft will allow an unknown

12258182092?profile=RESIZE_400xIn a US Securities and Exchange Commission 8-K disclosure filing on 05 October 2023, MGM Resorts reported losing around $100 million after the 11 September 2023 breach incident.

In an open letter published recently, MGM CEO Bill Hornbuckle said that "the vast majority of our systems have been restored," adding, "We also believe that this attack is contained.  As part of our remediation efforts, we have rebuilt, restored, and further strengthened portions of our IT environment.[1]  We will offer

12239425294?profile=RESIZE_400xIn 1923, the Soviet Union created the Nagorno-Karabakh Autonomous Oblast (an oblast is an administrative region or province) within the Azerbaijan Soviet Socialist Republic.  This oblast has a 95% ethnically Armenian population.  In 1988, Nagorno-Karabakh intended to leave Azerbaijan and join the neighboring Republic of Armenia.  While the Soviet Union was able to keep the resulting tension under control, once the USSR began to collapse, armed conflict between Azerbaijan and Armenia began for co

12185127080?profile=RESIZE_400xJust recently, I have the opportunity to view a behind-the-scenes tour of security at Major Leage Baseball’s Fenway Park, home of the Boston Red Sox.  Even though the park is the oldest in major league baseball (1912), I was amazed in the use of high tech being employed in their security program.  Microsoft is now warning of the threat malicious cyber actors pose to stadium operations, warning that the cyber risk surface of live sporting events is "rapidly expanding."  "Information on athletic p

10973933464?profile=RESIZE_400xOrganizations are generating and storing an increasing amount of digital data. Protecting this information from unauthorized access, theft, or damage is critical.  The Chief Information Security Officer (CISO) is responsible for ensuring that an organization’s sensitive data is appropriately secured and protected from potential threats.  In the below analysis, we see the various types of data that CISOs and other business leaders need to protect while working together to do so, along with tangib

10948475876?profile=RESIZE_400xA Swiss hacker says she found a copy of the FBI's "no-fly" list on an unsecured server.  The 2019 list, with over 1.5 million entries, includes an overwhelming number of Muslim passengers.  The server, maintained by CommuteAir, also held private employee data, such as passport numbers.  The FBI Terrorism Screening Center's secret "no-fly" list just got a lot less mysterious thanks to a bored Swiss hacker who was exploring unsecured servers in her free time.

Crimew, described by the US Department

The Japanese auto company Nissan has sent out breach notification letters to thousands of customers to inform them of a leak of personal information (pii) through a third-party vendor.  The car company said it was notified on 21 June 2022 that names, dates of birth, and account numbers for Nissan Motor Acceptance Corporation, an indirect lender that helps people finance or lease Nissan vehicles, were exposed after it provided the customer information to an unnamed third party “for software testi

10943595072?profile=RESIZE_400xThird-party administrator of insurance products Bay Bridge Administrators (BBA)  https://www.bbadmin.com is informing roughly 250,000 individuals that their personal information might have been compromised in a September 2022 data breach.  Bay Bridge Administrators is a full- service, nationally-recognized, third party administrator of fully-insured employee benefit plans.  Representing top-rated insurance companies, Bay Bridge fills a niche market in the insurance industry by entering into agre

10927592880?profile=RESIZE_400xA few years ago, while visiting old friends in a major metropolitan midwestern city where I grew up, I had the chance to meet an old friend who was working part-time as an IT consultant for a city suburb.  This city had its own network and a municipal level court system network.  He told me they were hit three times in the recent past by hackers.  I asked if any law enforcement agency investigated it and his answer was, “no, we back-up our data every evening and just recovered the following day.

9785334474?profile=RESIZE_400xRobinhood was known for “Stealing from the Rich, and Giving to the Poor.”  Not so in the last two years.  For the second time Robinhood Markets Inc. has been attacked by cyber criminals.  Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week.  The bad actors then demanded a ransom payment.  The intruder obtained email addresses of about 5 million people as well as full names for a separate group

9107675697?profile=RESIZE_400xAs more cities see their police departments targeted with ransomware attacks, some analysts are voicing concerns that the attacks, which could lead to inaccessible systems and potentially compromised evidence, could impede criminal prosecutions.   

Among the latest developments, the police department in the City of Azusa, Arizona, recently reported that it had been hit by ransomware in March 2021, resulting in the compromise of personally identifiable information (pii), including Social Security