Default title

BREACH REPORTING

IN THE UNITED STATES REPORTING IS MANDATORY

In the US reporting is mandatory within 30 days of a data breach.

There are also certain laws requiring various notification methods to alert affected individuals given the scope of the release.

In Canada we have no such reporting requirements and therefore have no way of knowing how breaches that a Canadian Company may experience line up with the American experience.

Identity Theft Resource Center has released its 2015 Current Summary and the data we take from it is very interesting. The number of records released from Healthcare related organizations constitute the largest amount of released records however the Business Category represents the most breaches.

Canadians tend to follow closely with our neighbors to the South and as such it is suspected that our results would be similar if mandatory reporting existed here.

Official source ITRC Report

RECENT THREAT POSTS

- Tara Seals
Attackers gain read-only permissions to snoop around Office 365 accounts, including emails, contacts and more.
- Lindsey O'Donnell
The Android malware comes from threat group APT-C-23, also known as Two-Tailed Scorpion and Desert Scorpion.
- Tara Seals
The cybercrooks spread the COVID-19 relief scam via Telegram and WhatsApp, and ultimately harvest account credentials and even pics of IDs.
- Lindsey O'Donnell
Despite Microsoft issuing patches almost eight months ago, 61 percent of Exchange servers are still vulnerable.
- Tom Spring
Popular ‘safe browsing’ padlocks are now passe as a majority of bad guys also use them.
- Tara Seals
The attempted compromises, which could allow full control over Active Directory identity services, are flying thick and fast just a week after active exploits of CVE-2020-1472 were first flagged.
- Aamir Lakhani
Botnets and IoT devices are forming a perfect storm for IT staff wrestling with WFH employee security.
- Tara Seals
A researcher said he discovered an open data cache with names, grades, birthdates and more, after the Clark County School District refused to pay the ransom.
- Tom Spring
Threatpost's latest poll probes telehealth security risks and asks for IT cures.
- Lindsey O'Donnell
Researchers warn of emails pretending to help business employees upgrade to Windows 10 - and then stealing their Outlook emails and passwords.

Archives

Leave a Reply

Your email address will not be published. Required fields are marked *

4 × five =