Weekly News Roundup August 14-18, 2023


Posted by Kacy Zurkus

The industry mantra about data breaches, “it’s not if but when,” proved true for Discord.io this week. The site was temporarily shut down after attackers allegedly stole the data of 760,000 users. Then a nefarious actor, known as Akhirah, reportedly broadcast data for sale on a hacking forum.

In Northern Ireland, police are still dealing with the aftermath of leaked data that was seemingly accessed by Republican dissidents. Some civilian workers, whose names were mistakenly part of the massive data breach, say they are feeling unsafe in their homes.

Meanwhile, health officials in Massachusetts have issued a warning to residents that their personal information was part of a security incident. “This incident was part of a worldwide data security incident involving a file-transfer software program called MOVEit, which has impacted state and federal government agencies, financial services firms, pension funds, and many other types of companies and not-for-profit organizations,” officials said.

The MOVEit data breach has also resulted in a class action lawsuit for Genworth Life. And, according to Insurance Journal, more than 40,000 Vermont residents (and in excess of 38 million US consumers) have also been impacted by the massive breach attributed to the Cl0p ransomware gang.

Join us for an upcoming webcast with Alex Holden, who will take a deep dive into MOVEit breach analysis.

Now let’s look at what else made industry headlines this week.

Aug. 18: Minnesota’s Metro State University received a $1.45 million award to build a cybersecurity clinic for small businesses, nonprofits, schools and government organizations.

Aug. 18: “The Advanced Research Projects Agency for Health (Arpa-H), a research support agency within the United States Department of Health and Human Services, said today that it is launching an initiative to find and help fund the development of cybersecurity technologies that can specifically improve defenses for digital infrastructure in US health care,” Ars Technica reported.

Aug. 17: The SEC’s new cybersecurity disclosure rules are reportedly lacking in clarity, causing confusion for organizations trying “to determine when any security incident is material.”

Aug. 17: National Security Advisor Jake Sullivan is actively reminding federal agencies to comply with an executive order requiring them to firm up their cybersecurity.

Aug. 16: ZDNet reported, “Chinese officials say the July attack on Wuhan Earthquake Monitoring Center targeted sensitive data and revealed a complex malware typically used by U.S. intelligence agencies.”

Aug. 15: “Online scams in Brazil jumped 65% last year to over 200,000, according to data from the Brazilian Public Security Yearbook published last month,” Reuters reported.

Aug. 14: As electric vehicles (EVs) become more commonplace, industry influencers as well as the Biden administration are advocating for cybersecurity guidelines to secure EV charging station equipment.

Aug. 14: The Health-ISAC recognized Anahi Santiago, CISO, ChristianaCare, with the Routhy Award for her contributions to the healthcare industry.


Contributors
Kacy Zurkus

Director of Content, RSAC
