It would appear that it is yet again time to update my ever-expanding list of things the current administration does that would get me, someone who works in privacy, fired immediately:

New:
-Violating minimization principles by collating data from otherwise unrelated databases.
-Failing to maintain and transmit data in ways that limit linkability.
-Using data for purposes other than those disclosed to the data subject at time of collection.

#privacy
#dataprivacy
#minimzation
#surveillance
#databreach
#facepalm

Fall River schools chief: No insurance for cyberattack; says computer system remains down:

https://www.heraldnews.com/story/news/2025/04/08/fall-river-schools-cyberattacked-chief-says-no-insurance/83000021007/

@douglevin @funnymonkey

Oracle Health breach compromises patient data at US hospitals
—@BleepingComputer

｢ Oracle says that the threat actor used compromised customer credentials to breach the servers sometime after January 22, 2025, and copied data to a remote server. This stolen data "may" have included patient information from electronic health records ｣

https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/

#Food giant WK #Kellogg discloses #DataBreach linked to #Clop #ransomware

https://www.bleepingcomputer.com/news/security/food-giant-wk-kellogg-discloses-data-breach-linked-to-clop-ransomware/

Hmmm.... I emailed a state agency this morning to ask about a cyberattack claimed by an extortion group. The agency's site was up when I emailed them to ask about the attack. Shortly after I emailed them, it was suddenly down. I wonder if my email made them aware of something they had been unaware of....

Oracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS service

｢ Oracle told Bleeping Computer, and customers, “There has been no breach of Oracle Cloud. The published credentials are not for the Oracle Cloud. No Oracle Cloud customers experienced a breach or lost any data” ｣

#oracle #databreach #cybersecurity
https://doublepulsar.com/oracle-attempt-to-hide-serious-cybersecurity-incident-from-customers-in-oracle-saas-service-9231c8daff4a

Latest issue of my curated #cybersecurity and #infosec list of resources for week #14/2025 is out!

It includes the following and much more:

➝ The European Union (#eu) will invest €1.3 billion in cybersecurity,
➝ #Apple has been fined €150 million by #France's competition authority,
➝ National Security Adviser Michael Waltz and his team used personal #Gmail accounts for government communications,
➝ Surge in Palo Alto Networks Scanner Activity,
➝ Five #VPN apps in the App Store are linked to the Chinese military,
➝ A new security fund opens up to help protect the #Fediverse,
➝ Royal Mail Group suffered a significant #databreach with 144GB of sensitive information stolen

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end

https://infosec-mashup.santolaria.net/p/infosec-mashup-14-2025

Port of #Seattle says #ransomware breach impacts 90,000 people

https://www.bleepingcomputer.com/news/security/port-of-seattle-says-ransomware-breach-impacts-90-000-people/

#Europcar #GitLab breach exposes data of up to 200,000 customers

https://www.bleepingcomputer.com/news/security/europcar-gitlab-breach-exposes-data-of-up-to-200-000-customers/

#Texas #StateBar warns of data breach after #INC #ransomware claims attack

https://www.bleepingcomputer.com/news/security/texas-state-bar-warns-of-data-breach-after-inc-ransomware-claims-attack/

#Oracle privately confirms Cloud breach to customers

https://www.bleepingcomputer.com/news/security/oracle-privately-confirms-cloud-breach-to-customers/

#RoyalMail investigates data leak claims, no impact on operations

https://www.bleepingcomputer.com/news/security/royal-mail-investigates-data-leak-claims-no-impact-on-operations/

Oracle buried serious data breach from customers, now hacker has it up for sale

Company remains quiet since denying the attack, even after researchers conclude the breach is real

#oracle #OracleCloud #databreach #security #cybersecurity #infosec #hackers #hacking #hacked

https://www.techspot.com/news/107362-oracle-hid-serious-data-breach-customers-now-hacker.html

#Oracle under fire for its handling of separate security incidents

https://techcrunch.com/2025/03/31/oracle-under-fire-for-its-handling-of-separate-security-incidents/

#API testing firm #APIsec exposed customer data during security lapse

https://techcrunch.com/2025/03/31/api-testing-firm-apisec-exposed-customer-data-during-security-lapse/

An #AI Image Generator’s Exposed Database Reveals What People Really Used It For

https://www.wired.com/story/genomis-ai-image-database-exposed/

Retail giant #SamsClub investigates #Clop #ransomware breach claims

https://www.bleepingcomputer.com/news/security/retail-giant-sams-club-investigates-clop-ransomware-breach-claims/

£3 million fine for healthcare MSP with sloppy security after it was hit by ransomware attack.

Sensitive data related to almost 80,000 people exposed, and NHS services disrupted.

Read more in my article on the Exponential-e blog: https://www.exponential-e.com/blog/3-million-fine-for-healthcare-msp-with-sloppy-security-after-it-was-hit-by-ransomware-attack

If the latest alleged data breach at X is accurate, can we please, pretty please, *follow and enforce* the obligation of transparency, accountability, and prompt disclosure in Europe under the GDPR?
I mean, failing to comply with the breach notification requirements could result in fines of *just* around 2% of X's annual turnover

#OracleHealth breach compromises patient data at US hospitals

https://www.bleepingcomputer.com/news/security/oracle-health-breach-compromises-patient-data-at-us-hospitals/