The GEO Group, Inc. (GEO), a publicly held company located in Boca Raton Florida, announced on November 3, 2020, that it is beginning to notify individuals following a ransomware attack that “impacted a limited amount of personally identifiable information and protected health information for some inmates and residents contained on certain servers for a small

The UK National Cyber Security Centre (NCSC) issued an alert on October 16, 2020, to raise awareness “of a new remote code execution vulnerability (CVE – 2020 – 16952)”, which affects Microsoft’s SharePoint product. According to the alert, “successful exploitation of this vulnerability would allow an attacker to run arbitrary code and to carry out

Last week, authorities from the United States, United Kingdom and Canada accused a well-known hacker group tied to the Russian government, APT29 a/k/a Cozy Bear of using malware to exploit security vulnerabilities to enable it to steal COVID-19 vaccine research from companies located in these countries working to develop a vaccine. This was after a

Beginning in 2016, the computer hacking organization known as “The Dark Overlord,” began to target victims in the St. Louis, Missouri area, including various health care providers, several accounting firms, and a medical records company.  By remotely accessing these victims’ computer networks without authorization, The Dark Overlord was able to obtain sensitive records and information,

The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: encryption and passwords.
Continue Reading UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR

As many of our readers know, the General Data Protection Regulation (GDPR) imposes significant obligations and responsibilities on entities with regard to data protection and privacy for all individuals within the European Union and the European Economic Area. Violations of GDPR can result in fines up to €20 million, or up to 4 percent of