Next presents the industry news of the week, summarized for your Friday.
The Indian Health Ministry dismissed reports today of a data breach of beneficiaries who received COVID vaccination as baseless. They have requested an investigation by CERT-In and maintain that the highly integrated Covid Vaccination Intelligence Network is secure.
Although a bot accessed some previously breached data, the CoWIN system itself was not directly breached. The Ministry assured that CoWIN has strong security measures and is reviewing its existing safeguards.
Johns Hopkins University and Johns Hopkins Health System are investigating a cyberattack and data breach targeting a widely used piece of software, potentially compromising personal and financial information.
The initial findings indicate that sensitive personal and financial information was impacted, including names, contact information, and health billing records. Johns Hopkins urges all students, faculty staff, and their dependents to take immediate action to protect their personal information.
Source: https://www.hipaajournal.com/johns-hopkins-investigating-cyberattack-and-data-breach/
Several US government agencies, Shell, and others are the latest to have been hit in a global cyberattack that exploits a vulnerability in a widely used software.
It’s reported that several federal agencies that have experienced intrusions affecting their MOVEit file transfer tool applications are working urgently to understand impacts and ensure timely remediation. The group known as CLOP has claimed credit for similar hacks.
Oil and gas company Shell has confirmed that it was targeted by CLOP ransomware. This is the second time Shell has been affected by an attack on a file transfer service. The company stated that its core IT systems were not impacted. Shell is investigating the incident, but has stated that it is not engaging with the hackers. The breach potentially exposed confidential information and personal data of employees. Other victims of attacks on MOVEit include the BBC, British Airways, Aer Lingus, Boots, Ofcom, and Transport for London.
Source: https://therecord.media/shell-impacted-in-clop-ransomware-attack, https://www.cnn.com/2023/06/15/politics/us-government-hit-cybeattack/index.html
Maimonides Medical Center confirms a breach exposing the health information of 33,000 patients. While most individuals had their names, addresses, and limited clinical information exposed, some also had their Social Security numbers compromised.
Source: https://www.hipaajournal.com/johns-hopkins-investigating-cyberattack-and-data-breach/
The European Parliament has reached a major milestone in the development of the AI Act by voting to confirm its negotiating mandate. The Act aims to establish a pan-European framework for AI and ensure that AI developed and used in Europe aligns with EU rights and values.
The Parliament proposes a ban on remote biometric surveillance, predictive policing, and untargeted scraping of facial images. The use of emotional recognition technology by law enforcement, border agencies, workplaces, and educational institutions is also prohibited.
High-risk AI systems now encompass those that pose significant harm to health, safety, fundamental rights, the environment, as well as systems used for voter influence and content recommendation on large social media platforms. MEPs have also introduced obligations for general purpose AI, such as risk assessment before market placement, transparency in AI-generated content, and safeguards against illegal content generation.
Source: https://techcrunch.com/2023/06/14/europe-takes-another-big-step-towards-agreeing-an-ai-rulebook/
Blog
Blog
Blog
Blog
Resources
Resources
Resources
Resources
