At a glance.
- Dental benefits data compromised in ransomware attack.
- More on the PSNI data leak.
Dental benefits data compromised in ransomware attack.
The Alberta Dental Service Corporation (ADSC) has disclosed it suffered a breach that exposed the personal data of approximately 1.47 million Canadians. CBC News explains that ADSC administers dental benefits for residents of the province Alberta, and it was that benefits info that was accessed in the recent ransomware attack. The attackers infiltrated ADSC’s systems between May 7 – July 9, and Lyle Best, the chairman of ADSC and Quikcard Solutions Inc., said the corporation detected the intrusion on July 10. The compromised data include names, addresses, and in some cases, personal banking information. Best went on to say that the privacy commissioner and Alberta government have been notified about the incident, and impacted individuals will be contacted directly.
(Added, 5:45 PM ET, August 12th, 2023.) Roger Grimes, data-driven defense evangelist at cybersecurity company KnowBe4, wrote with the suggestion that the corporation disclose how the compromise took place. "ADSC didn't reveal how they were compromised. Most ransomware victims were compromised through social engineering or unpatched software. In telling customers how they are preparing to prevent similar future types of attacks, it would be encouraging for them to share how they were compromised. Because if they can't tell you how they were compromised, it doesn't give you as much confidence that they can prevent future compromises."
More on the PSNI data leak.
As we discussed earlier this week, the Police Service of Northern Ireland (PSNI) has disclosed that the private info of all 10,000 of the force's serving officers and staff were accidentally leaked to the public when an employee made an error in responding to a Freedom of Information request. The Telegraph now reports that dissident republicans claim to be in possession of the leaked data, which has allegedly been posted on WhatsApp. Simon Byrne, chief constable of the PSNI stated, “We are now aware that dissident republicans claim to be in possession of some of this information circulating on WhatsApp, and as we speak we are advising officers and staff about how to deal with that and any further risk that they face.” There have been concerns that the impacted officers might need to leave their positions or homes in order to protect their identities. Byrne said that no officers had yet been moved, but five hundred of the victims had been referred to an emergency group to discuss the potential risks they might face. He added that PSNI would likely lose money as the result of the breach, either in penalties or compensation for the victims. Byrne explained, “We have to make some assumptions that we are liable to financial penalty either from the regulator or from officers making a claim about the breach of their personal data but to try and speculate yet is too early.”
The incident, which is being described as the worst security breach in Northern Irish history, has highlighted the civil unrest that has shaken the region for many years. The Belfast Telegraph compares the breach to the 2002 Irish Republican Army (IRA) raid on Special Branch HQ in Castlereagh that similarly put officers and informants at risk. Coincidentally, the Guardian notes, a new documentary film was just released that chronicles the impact of a murder carried out by the IRA in 1973. The killing occurred during a period that has become known as the Northern Ireland Troubles, the decades-long ethno-nationalist conflict that resulted in the deaths of over three hundred officers at the hands of dissidents.