Tag: data protection
Sperm Bank Heist
Another cyber breach as potentially damaging as that of the infamous hook-up site for married users, Ashley Madison, 15 years ago has recently come to light that could have equally serious consequences. According to a notification filed this month with the California Department of Justice, the sperm bank California Cryobank reports a breach that occurred last April. Stolen files include the names, social security numbers, driver's license numbers, financial accounts, and health insurance information of many of the sperm bank donors and their recipients.
Identifying fraudsters on the internet
In an exclusive interview with Cyber Intelligence, Patrick Harding, chief product architect at digital identity security company, Ping Identity, outlines the growing threat of identity theft and fraud, explaining how it evolved and what can be done to counter it. Everybody is forced into digital transactions and relationships and identity management is fundamental to knowing who you are interacting with. The problem goes back to the beginning of the internet in the 1990s and a cartoon of a dog in front of a computer with the caption, “On the internet no-one knows you’re a dog!” That really illustrates the core problem of identifying online users and customers. The extent to which this is carried out largely depends on the sensitivity of the activity concerned. There is a big difference between buying a pair of jeans online and opening a bank account. In both cases, there is a significant series of steps which could include requesting passport ID for financial services.
Ransomware gangs target law and accountancy firms
In what is bad news for law and accounting firms, the professional and technical services sector has now overtaken the manufacturing sector as the prime target for ransomware attacks of Q3 2024. According to cybersecurity company Nuspire: “These firms handle highly sensitive client data, such as financial records, legal documents, and business strategies, making them prime targets for ransomware operators.” Nuspire predicts that, with ransom demands averaging around $2.5 million a hit for law firms, ransomware operators will continue to target this sector as long as the potential rewards outweigh the effort. The situation is particularly dire for smaller practices, which may lack the resources to protect against today’s increasingly ruthless and sophisticated cyber-attacks.
The EU bares its teeth – again
The EU has bared its cyber teeth for the second time in a week. Hard on the heels of the arrest of Telegram founder and owner, Pavel Kurov, Uber has been slapped with a $290 million fine for allegedly violating the European Union (EU)’s General Data Protection Regulation (GDPR) by failing to protect personal data of European taxi drivers held on servers located in the US. The Dutch Data Protection Authority (DPA) enforced the regulation by imposing a fine on Uber, which transmitted European drivers’ personal data to the US, including drivers’ account details, taxi licenses, location data, photos, payment details, identity documents and, in some cases, even criminal records and medical data.
LockBit Resurfaces After Takedown – February 26th
Arriving days after law enforcement agencies took down LockBit's servers, the ransomware gang resurfaces with a new data leak portal on the dark web. On a public announcement of their re-launch, a LockBit administrator disclosed that their websites were confiscated, however, their operations recovered due to backup servers.
EU’s planned AI rulings meet opposition
Next Wednesday will see the last round in a “King Kong meets Godzilla"-style contest between the European Union and the global technology sector over proposed regulations from Brussels to control AI. The opening rounds have been fought by lawyers, lobbyists, and bureaucrats over the monitoring of foundation model AI services such as GPT-4, access to source codes, fines for disobeying the Brussels rulings, and other related topics. However, EU member states France, Germany, and Italy are known to be opposed to the EU’s proposed rulings and to favor self-legislation by the technology sector, as opposed to being constrained by hard rules dictated by Brussels. French AI company Mistral and Germany's Aleph Alpha have criticized the EU’s tiered approach to regulating foundation models, defined as those with more than 45 million users.