Default title

BREACH REPORTING

IN THE UNITED STATES REPORTING IS MANDATORY

In the US reporting is mandatory within 30 days of a data breach.

There are also certain laws requiring various notification methods to alert affected individuals given the scope of the release.

In Canada we have no such reporting requirements and therefore have no way of knowing how breaches that a Canadian Company may experience line up with the American experience.

Identity Theft Resource Center has released its 2015 Current Summary and the data we take from it is very interesting. The number of records released from Healthcare related organizations constitute the largest amount of released records however the Business Category represents the most breaches.

Canadians tend to follow closely with our neighbors to the South and as such it is suspected that our results would be similar if mandatory reporting existed here.

Official source ITRC Report

RECENT THREAT POSTS

- Elizabeth Montalbano

Latest version of UnC0ver uses unpatched zero-day exploit to take complete control of devices, even those running iOS 13.5.

- Lindsey O'Donnell

Even seeing data breaches in the news, more than half of consumers are still reusing passwords.

- Tara Seals

A lack of awareness about where and how open-source libraries are being used is problematic, researchers say.

- Lindsey O'Donnell

Attackers used malicious Excel 4.0 documents to spread the weaponized NetSupport RAT in a spear-phishing campaign.

- Tara Seals

The meal-kit company's customer records were leaked as part of the Shiny Hunters breach.

- Tara Seals

An investigation traces an NSO Group-controlled IP address to a fake Facebook security portal.

- Lindsey O'Donnell

Government and air transportation companies in Kuwait and Saudi Arabia were targeted in a recent attack tracked back to the Chafer APT.

- Chris Calvert

Looking for niche anomalies in an automated way with AI and machine learning is the future.

- Lindsey O'Donnell

Cisco has fixed a critical remote code-execution flaw in its popular customer interaction management solution.

- Tara Seals

The malware-as-a-service is advanced, obfuscated and modular -- and built for mass campaigns.

Archives

Leave a Reply

Your email address will not be published. Required fields are marked *