Category: Uncategorized

The Sunshine Coast has been selected as the location for a new national organisation aimed at protecting the nation against cyber criminals.
The Critical Infrastructure – Information Sharing and Analysis Centre (CI-ISAC), featuring some of the nation’s best and brightest when it comes to “threat intelligence’’, has started operations from Maroochydore today (February 6).
Under the guidance of CI-ISAC’s Chief Executive Officer David Sandell, the not-for-profit industry-based organisation provides comprehensive information and analysis advice to assist its membership base protect Australia’s most critical infrastructure.
The membership will be drawn from 11 key industry sectors representing almost 11,000 entities that include everything from banking, water and power grids to supermarkets and mining.
Mr Sandell said the Sunshine Coast had been steadily building its credentials in the cyber and tech space and this had not gone unnoticed for an organisation that is focussed on addressing digital defence-in-depth across Australia’s ICT networks.
“Assets that Sunshine Coast Council has been building alone or in partnership over the years were all key drivers to locate such an important organisation to a region location,” Mr Sandell said.
“No one else in regional Australia has the assets we need, including the fastest fibre cable to Asia, diversity of data path to Sydney, a fully fibre-enabled city centre and a new international runway with rapidly growing regional aviation connections.
“The local university and TAFE are doing some great things to develop the skilled workforce we need and the future on the Sunshine Coast looks bright.”
The new organisation is being led by some of Australia’s best, brightest, and most experienced in the field of threat intelligence and response.
Chair of the CI-ISAC Board is Brigadier (retired) Steve Beaumont, who previously served as Director-General of Intelligence, Surveillance, Reconnaissance, Electronic Warfare and Cyber with the Australian Department of Defence.
Also playing a key role in the organisation is Dr Gary Waters, who has worked in the defence and national security space for more than five decades
Sunshine Coast Council Acting Mayor Rick Baberowski welcomed the news that CI-ISAC would be calling the Sunshine Coast home, joining our emerging tech eco-system that already included key corporate players like Next DC, and industry leading bodies such as the Sunshine Coast Tech Industry Alliance.
He congratulated board members and founders, Scott Flower and David Sandell, on their decision to create a base and invest on the Sunshine Coast with such an important initiative designed to combat the acceleration in cyber-threats.
“A significant part of Australia’s critical infrastructure is owned or managed by local government, and I encourage all 537 Australian local governments to consider the considerable value in becoming a community of cyber defenders,” Acting Mayor Baberowski said.
“The concept is clear-cut. If we act together and share cyber threat intelligence, we can only get better at pre-empting attacks, while contributing to defending Australia’s data highway and all of the sensitive and personal data public services and businesses collect.
“We are proud that the Sunshine Coast will host and participate in an important new sector to develop solutions that can benefit all Australians.”
For more information on how to become a member or partner of the CI-ISAC, navigate to https://ci-isac.com.au/

source

source

Sambad English – The Latest News & Views on Odisha
Bhubaneswar: Odisha government issued a special helpline number ‘1930’ today to curb cyber crime in the State, which is meant for commoners and victims. The drive in this regard will be intensified further in the days ahead, said Chief Secretary Suresh Chandra Mahapatra.
Such a drastic step was taken in view of rising cases of cyber crime pertaining to finance and sex abuse on women and children. Awareness campaigns will be organised for the purpose. Any unlawful act where a computer or communication device or computer network is used to commit or facilitate the commission of a crime must be checked, Mahapatra insisted.
Miscreants posing as policemen loot gold chain from woman in Sundargarh town
Plastic rice being distributed to beneficiaries in PDS is rumour: Odisha Food Supplies Minister
Especially, elderly persons, students, Asha and Anganwadi workers and self-help groups (SHGs) are to be included in the drive against cyber crime. Thirty-four awareness-creating vehicles named ‘Sachetanata Rath’ will be pressed into service in the State equipped with audio and visual materials.
People will be made aware to verify the authenticity before carrying out a financial transaction, avoid friendships with unknown persons and not to click on links, SMSs and Apps received from suspicious sources. Symposiums and seminars will be conducted on a regular basis across the State.
Quiz, debates and essay competitions are to be organised at the school level. Odisha is the first State in the country in launching anti-cybercrime campaigns, the Chief Secretary added.
It is pertinent to mention, 52,975 cyber crime cases were registered in the country in 2021, which was 5.9 per cent more in number as compared to the cases registered in the previous year.
Similarly, 1485 cyber crime cases were registered in Odisha in 2019, 1931 cases in 2020 and 2037 cases in 2021 during the same period. On the other hand, 3402 petitions were received in the State in 2022 and 7700 petitions in 2022 respectively through cyber help desks.
Prev Post
17th Toshali National Crafts Mela from tomorrow
Next Post
Jaya Ekadashi Vrat Today, 1 February 2023: Fast/Upvas Breaking Time, Rituals
JSW BPSL Township Women’s Sports Meet-2023 concludes
Police attack on BJP youth workers arbitrary, a cause of grave concern: Dharmendra…
Narasingha Mishra demands action against Odisha CM over breach of privilege
Putin signs law to suspend Russia’s participation in arms treaty with US
Grammy winner Ricky Kej composes theme song of Odisha Millets Mission [Watch]
Fish trader crushed to death by speeding truck in Odisha’s Jajpur
Comments are closed.
POPULAR
28 February 2023 Horoscope Today, Rashifal, Lucky Colour,…
1 March 2023 Horoscope Today, Rashifal, Lucky Colour,…
Pisces 28 February 2023 Horoscope Today, Rashifal, Lucky…
Capricorn 1 March 2023 Horoscope Today, Rashifal, Lucky…

Recent Posts
Ind vs Aus 3rd Test: Matthew Kuhnemann takes maiden five-fer…
Kashmir to Kanyakumari: Asia’s longest cycle race…
Body of missing VSSUT student Chinmayee found in power…
Moody’s raises India’s economic growth…
VSSUT girl student goes missing as she jumps into power…
UK Foreign Secretary in India, to launch scheme for young…
How can we trust Crime Branch, CBI inquiry?: Narasingha…
Odisha woman steals ornaments from her home to please lover;…

source

Twitter has confirmed that the phone numbers and email addresses from 5.4 million accounts have been stolen due to the zero-day vulnerability on the platform that was originally flagged in January 2022.
The vulnerability meant that if a bad actor entered a phone number or email address and attempted to log in, they were able to learn if that information was associated with an existing account. This then led to the email address and phone numbers associated with 5.4 million accounts being put up for sale on the hacking forum, Breach Forums.
Twitter said in a statement that it “will be directly notifying the account owners [it] can confirm were affected by this issue”.
In a previous article by CS Hub on July 27, it was reported that many of the accounts that were up for sale, according to the hacker belonged to, “celebrities, companies, randoms, OGs, etc.”. ‘OGs’ refers to Twitter handles that are either made up of a desirable word like a first name or are very short and contain only a few letters.  
Twitter went on to suggest that those who operate “pseudonymous” accounts like OGs that may have been affected by the breach “keep [their] identity as veiled as possible by not adding a publicly known phone number or email address” to their Twitter account. The company clarified that while no passwords were compromised in the breach, it encourages “everyone who uses Twitter to enable 2-factor authentication using apps or hardware security keys to protect your account from unauthorized logins”.  
Reach Cyber Security professionals through cost-effective marketing opportunities to deliver your message, position yourself as a thought leader, and introduce new products, techniques and strategies to the market.
Join CSHUB today and interact with a vibrant network of professionals, keeping up to date with the industry by accessing our wealth of articles, videos, live conferences and more.
Cyber Security Hub, a division of IQPC

Careers With IQPC| Contact Us | About Us | Cookie Policy
Become a Member today!
Already an IQPC Community Member?
Sign in Here or Forgot Password
Sign up now and get FREE access to our extensive library of reports, infographics, whitepapers, webinars and online events from the world’s foremost thought leaders.
We respect your privacy, by clicking ‘Subscribe’ you will receive our e-newsletter, including information on Podcasts, Webinars, event discounts, online learning opportunities and agree to our User Agreement. You have the right to object. For further information on how we process and monitor your personal data click here. You can unsubscribe at any time.

source

Global risks from population pressures and climate change to political conflicts and industrial supply chain challenges characterized 2022. Cybercriminals used this turmoil to exploit these trending topics, including significant events, public affairs, social causes, and anywhere else opportunity appeared.
2023 will see a continuation of these challenges, especially as bad actors continue to take advantage of the chaos caused by the expected backlash from Russia due to the Ukraine conflict.
The following cyberthreat predictions are based on key observations made by the Zscaler ThreatLabz research team, made up of more than 125 security experts with decades of experience in tracking threat actors, malware reverse engineering, behavior analytics, and data science.
Crime-as-a-service (CaaS) encompasses the full range of cyber threat service offerings, including ransomware-as-a-service, where developers outsource ransomware to their affiliates who execute the attack and share the profits, and phishing-as-a-service, where cybercriminals can buy grammatically perfect email templates, replicas of popular webpages, and more.
As threat actors seek to increase payouts, they will leverage more service model offerings to increase the effectiveness of their attacks and cut out the development time to quickly scale operations. CaaS also lowers the technical barrier to entry, enabling novice cybercriminals to execute sophisticated threats.
Supply chain attacks occur when adversaries compromise partner and supplier ecosystems to reach their ultimate breach target and goals, such as executing a ransomware attack. Compromising a target’s weaker suppliers is more accessible and has led to successful upstream attacks, which is why this tactic will likely increase in the future.
Dwell time is the period between the initial compromise and the final stage of an attack — for example, the median dwell time for threat actors to deploy ransomware is now just five days, according to Mandiant. For most organizations, this is also the length of time an attack can be detected and stopped by defenders before it causes damage.
Malware families, ransomware gangs, and other cybercriminal associations reorganize themselves frequently.
GandCrab rebranded as REvil, the group responsible for the spotlight attacks on JBS and Kaseya. The old groups typically go dark after an incident, then a new group appears months or years later. Researchers eventually discern that it’s basically the old group getting back together, with similar techniques and code styles giving them away.
They may rebrand because of new member affiliations to avoid criminal charges and to ensure they can secure cyber insurance payouts.
Threat actors will increase the use of tactics to bypass antivirus and other endpoint security solutions. In addition, their attacks will have an increasing focus on core business service technologies, like VMware ESX, for example.
Last fall, researchers observed attackers using new techniques to install persistent backdoors on ESXi hypervisors, a virtualization software and a primary component in the VMware infrastructure software suites for virtual machines.
Because of this, organizations will have an even greater need for defense-in-depth, rather than relying solely on endpoint security to prevent and detect intrusions.
Forked malware, of course, is just another variant that include updates with more sophisticated techniques. Sometimes the source code for a specific malware is leaked online by a researcher, as in the case of Conti ransomware.
Since Conti ransomware was leaked, for example, parts of the source code have been found in other types of ransomware, borrowed or repurposed by different developers.
Updated and forked versions of malware and other threats make it harder for defenders to detect, because there are so many variants using custom techniques to deploy the same attack. We expect such variants will continue to evolve at different rates.
Read more Partner Perspectives with Zscaler.
Copyright © 2023 Informa PLC Informa UK Limited is a company registered in England and Wales with company number 1072954 whose registered office is 5 Howick Place, London, SW1P 1WG.

source

On January 6, 2023, the Federal Communications Commission (FCC or the “Commission”) released a Notice of Proposed Rulemaking (“Notice”) with updates to its data breach rules and reporting requirements. Considering the growing number of data breaches in the telecommunications industry in recent years, the proposed changes aim to strengthen the Commission’s rules governing breaches involving certain sensitive customer information, also known as customer proprietary network information (CPNI). Like other definitions of personal information or personal data in global privacy laws, CPNI is defined broadly and includes both personally identifiable information and usage data that communications providers collect from or about their customers. 
The FCC’s proposed changes come at a time where the data breach notification obligations for companies are constantly evolving. A number of states have expanded their breach notification laws in recent years, and a few have also added affirmative cybersecurity obligations with regard to protected information. Companies subject to the FCC’s jurisdiction will have to account for these new changes (if finalized) along with these other evolving requirements at the state level. 
We have provided relevant background and a description of the key takeaways related to the Notice below. The Notice also invites comments on other related matters including the adoption of harm-based trigger notifications for data breaches, setting minimum requirements for the content of customer breach notices, and addressing breaches of sensitive personal information. A detailed summary of the Notice was published in the Federal Register on January 23, 2023, and comments to the Notice are due on February 22, 2023.
Background
Section 222 of the Communications Act of 1934 (the “Act”) requires telecommunications carriers to protect the privacy and security of customer information to which they have access to as network operators. In addition to requiring carriers to protect the confidentiality of proprietary information of and relating to their customers (i.e., CPNI), the Act also restricts carriers’ use, disclosure, and providing access to such information. Notably, the Act defines CPNI broadly, and includes information relating to the quantity, technical configuration, type, destination, location, and amount of use of a telecommunications service, as well as certain information contained in the bills received by customers. Examples of CPNI include phone numbers called by a customer, the frequency, duration, and timing of such calls, and location data of mobile devices.
Moreover, with respect to Telecommunications Relay Service (TRS) providers specifically, Section 225 of the Act has been found to authorize the Commission to apply the same privacy protections afforded to telecommunications users to TRS users. Thus, in 2013 the Commission adopted rules concerning CPNI that applied to all TRS providers. Effectively, today, the data breach rules and reporting requirements for telecommunications carriers and TRS providers are largely identical.
Key Takeaways
Inadvertent Disclosures. The first update proposed by the Commission would broaden the definition of “breach” to include the inadvertent access, use, or disclosure of customer information. By broadening the definition to include both intentional and inadvertent breaches, the Commission hopes that carriers will be incentivized to strengthen their data security practices. Moreover, by gathering more information about accidental breaches, the Commission will be able to better identify and remediate any vulnerabilities to prevent similar breaches from occurring in the future.
Commission Notification. In addition, the Commission proposes updating their notification requirements to require telecommunications carriers and TRS providers to notify the Commission of data breaches, in addition to notifying the Secret Service and FBI as their current rules require. Notification to the Commission would improve their ability to track and enforce ongoing compliance with their rules. The Commission notes that this requirement aligns with other data beach notification rules, including, for example, HIPAA, which requires notification to the department of Health and Human Services.
Notifying Customers without Unreasonable Delay. The Notice also proposes adopting a without unreasonable delay standard for notifying customers. This update would eliminate the current mandatory waiting period, and instead, require telecommunications carriers and TRS providers to notify customers of CPNI breaches without unreasonable delay after discovery of a data breach, unless a delay is requested by law enforcement. It is the Commission’s belief that implementing such a standard that still allows for necessary delays, would allow affected customers to receive information about breaches and take preventative action sooner, while still not impeding the actions of law enforcement. 
Unless you are an existing client, before communicating with WilmerHale by e-mail (or otherwise), please read the Disclaimer referenced by this link.(The Disclaimer is also accessible from the opening of this website). As noted therein, until you have received from us a written statement that we represent you in a particular manner (an “engagement letter”) you should not send to us any confidential information about any such matter. After we have undertaken representation of you concerning a matter, you will be our client, and we may thereafter exchange confidential information freely.
Thank you for your interest in WilmerHale.

source

James Tyrrell
@JT_bluebird1
james.tyrrell@hybrid.co
Zero trust segmentation: cybersecurity teams are developing digital strategies to combat data breaches. Image credit: Shutterstock Generate.
Microsoft, T-mobile, the Red Cross, Twitter, Zoom, Paypal, Uber, the Shanghai Police Department, Tokyo Olympics attendees, JPMorgan Chase Bank, Facebook, Marriott Group, ASUS, JD Sports – if we were playing Jeopardy, the prize-winning response would be ‘victims of a data breach’. But data breaches are no game. And that’s just a sample of incidents, taken from stories that have appeared on TechHQ. The true scale of compromised data is huge. Data breaches happen with such regularity that they’ve almost ceased to become news. But that predictability offers a clue on how to remedy the problem. Given how often threat actors target firms, organizations, and individuals, it makes sense for IT systems to be attack tolerant and capable of data breach containment.
A common cybersecurity strategy is to invest in products that put a boundary between the internet and the outside world. “Firms are trying to build the wall higher and higher,” Trevor Dearing – Director of Critical Infrastructure Solutions at Illumio – told TechHQ. “But we have to change our thinking; assume that you’re going to get breached and invest in how to survive it.”
At a high level, there are three areas to think about. How do attackers gain access in the first place? What can be done to secure data so that, in the event of an attack, companies can roll back to a known clean version and continue critical operations? And the piece that sits in the middle – understanding which assets on the network are talking to each other. Ransomware has a habit of targeting the highest-value assets, and firms can use this knowledge to prioritize their activity.
Reassuringly, there’s plenty that can be done to make life harder for potential data thieves targeting IT networks. Defences include limiting the available attack surface and engineering data breach containment. “We know the most popular protocols,” explains Dearing. “And we don’t need those protocols everywhere.” A Palo Alto Networks blogpost sheds light on one of the most popular targets for ransomware attacks – remote desktop protocol (RDP).
Legitimate uses for RDP include allowing IT support to connect to an employee’s laptop or for remotely managing cloud assets. But leaving RDP ports open threatens to invite unwelcome interest. In fact, RDP has become so notorious that many security experts have renamed it the Ransomware Deployment Protocol! Network scans commonly reveal a large number of connection attempts to RDP’s default port of 3389. And if attackers can find their way in – using stolen credentials, by exploiting a vulnerability, or through brute force – then adversaries will be able to wander through as much of a company’s IT infrastructure as the compromised user account has access to.
The threat emphasizes why it’s important to keep track of which protocols are being used on different portions of the network and make sure, as Dearing recommends, to limit any unnecessary activity. RDP exposures can be reduced through a number of steps, such as setting time limits on disconnected sessions, limiting the number of allowable login attempts, and monitoring for any unintended exposures.
Cycling back to the change in mindset from building a higher wall to making sure that systems are attack tolerant and capable of data breach containment, it’s no surprise to witness the rise of ‘zero trust’ – granting users the bare minimum of permissions and only for the duration of the tasks that need to be carried out. Also, the widespread roll out of multifactor authentication (MFA) points to the threat posed by phishing emails – a staple in the suite of tactics, techniques, and procedures (TTPs) used by bad actors to steal data and launch ransomware campaigns.
Inevitably there will be gaps in the wall and some phishing emails will get through and convince recipients to click on rogue links. Attackers can pore over numerous social media feeds and even use AI writing tools such as ChatGPT to craft plausible and compelling content. Making IT systems impenetrable is a tall order, but attack resilience is achievable – for example, by asking for more than just usernames and passwords during the sign in process. Preparations also include having a well-rehearsed drill for when things do go wrong.
“Organizations need to understand their plan when they are attacked,” said Dearing. Cybersecurity frameworks such as the widely used NIST Special Publication 800-39 [PDF] are being re-written with increased emphasis on cybersecurity risk management governance. In Europe, NIS2 broadens the range of sectors that need to consider cybersecurity best practices. And responsibilities will rest with company leadership to ensure that everything is done to keep data loss to a minimum and reduce the damage done when systems are breached.
Another side of the coin is regulation. GDPR has made it clear that negligence on data protection will be punished. Companies are required to be able to detect, investigate, risk-assess, and record any breaches. And firms must report any data losses as appropriate. The UK’s Information Commissioner’s Office spells out the repercussions for failing to notify a data breach when required, highlighting that fines can reach up to 2% of global turnover.
But organizations aren’t on their own, and security providers such as Illumio, and others, have shown how solutions such as zero trust segmentation can be effective in containing data breaches. Ransomware and data theft attempts may be here to stay, but investing in IT systems that are attack tolerant and capable of containing data breaches will diminish the damage done.
James Tyrrell
@JT_bluebird1
james.tyrrell@hybrid.co
28 February 2023
27 February 2023
27 February 2023

source

Software company Zendesk has informed the crypto trading and portfolio management company Coinigy that it suffered a data breach following a “sophisticated SMS phishing campaign” that targeted several of its employees. 
Coinigy has revealed Zendesk said it became aware of the data breach in October, discovering at that time that some of its targeted employees handed over their login details to the bad actors, SecurityWeek reported. 
Zendesk reportedly disclosed to Coinigy that the hackers — from between the time period of Sept. 25 and Oct. 26, 2022 — were able to access data that was unstructured and in a logging platform. 
Coinigy was informed service data belonging to the company’s account was potentially included in the compromised logging platform data, per a discovery during an ongoing review into the incident that Zendesk said it is conducting, SecurityWeek reported. 
Zendesk reportedly said, however, that it had discovered no indication that Coinigy’s Zendesk instance had been exposed during the data breach, but that it was continuing to look into the possibility. 
Other companies affected by the purported data breach against Zendesk appear to have been informed by the software company sooner than Coinigy, which only received notice this month, according to SecurityWeek. 
Cryptocurrency exchange Kraken, for example, reportedly informed its customers in November about a data breach against Zendesk, with the platform saying at the time that customer accounts and funds were not at risk. 
In another data breach reported this month, PayPal revealed that a credential stuffing attack led to a data breach that exposed the personal information of almost 35,000 of the e-commerce company’s users. 
Have you been affected by a data breach? Let us know in the comments. 
Check out our list of Class Action Lawsuits and Class Action Settlements you may qualify to join!
Read About More Class Action Lawsuits & Class Action Settlements:
Δ
Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *
Comment *
Name *
Email *


Δ
Δ
Your email address will not be published. By submitting your comment and contact information, you agree to receive marketing emails from Top Class Actions regarding this and/or similar lawsuits or settlements, and/or to be contacted by an attorney or law firm to discuss the details of your potential case at no charge to you if you qualify. Required fields are marked *
Comment *
Name *
Email *


Δ
Please note: Top Class Actions is not a settlement administrator or law firm. Top Class Actions is a legal news source that reports on class action lawsuits, class action settlements, drug injury lawsuits and product liability lawsuits. Top Class Actions does not process claims and we cannot advise you on the status of any class action settlement claim. You must contact the settlement administrator or your attorney for any updates regarding your claim status, claim form or questions about when payments are expected to be mailed out.

Δ
@2023 Top Class Actions. All Rights Reserved. Privacy Policy | Terms and Conditions

source

Let Cybersecurity Dive’s free newsletter keep you informed, straight from your inbox.

Organizations were not forthright with the causes or potential risks stemming from disclosed incidents.
Organizations are tightening up what they share with customers in government-mandated breach notifications.
In 2022, two-thirds of data breach notices did not include enough details to help individuals and businesses determine potential risk, according to an annual data breach report published Wednesday by the Identity Theft Resource Center.
Data breach notices with attack and victim details comprised 72% of all filings in 2019, but slid to a five-year low of 34% last year.
“The result of these trends is less reliable data that impairs the ability of individuals, businesses and government officials to make informed decisions about the risk of a data compromise and the actions to take in the aftermath of one,” ITRC CEO Eva Velasquez said in the report.
The group identified 1,802 data breach notices in the U.S. last year, a slight decline from 2021. The number of potential victims, however, jumped 41% year over year to 422 million.
The lack of detail in data breach notices underscores the inadequacy of state data breach notification laws, Velasquez said. “Most states put the burden of determining the risk of a data breach to individuals or business partners on the organization that was compromised.”
The ITRC, a non-profit organization focused on identity crime, contends compromised businesses are making a conscious decision to withhold information.
The group specifically called out DoorDash, LastPass and Samsung for issuing breach notices with “limited or no detail about what happened and who was impacted in their state-mandated breach notice.”
The potential damage caused by the breach at LastPass, which also impacted its parent company GoTo, escalated to alarming levels as the password manager informed customers everything but their master passwords were compromised in the attack.
Organizations and professionals that assist data breach victims often don’t have access to enough information to recommend a proper response.
“Increasingly,” Velasquez said, “it is not so much what we know, but what we do not know that is the most troubling and compelling.”
Get the free daily newsletter read by industry experts
Enterprise cybersecurity is navigating market turmoil and vendor consolidation. Here’s what experts expect to happen to the industry in 2023.
Text message and email-based authentication aren’t just the weakest variants of MFA. Cybersecurity professionals say they are broken.
Subscribe to Cybersecurity Dive for top news, trends & analysis
Get the free daily newsletter read by industry experts
Enterprise cybersecurity is navigating market turmoil and vendor consolidation. Here’s what experts expect to happen to the industry in 2023.
Text message and email-based authentication aren’t just the weakest variants of MFA. Cybersecurity professionals say they are broken.
The free newsletter covering the top industry headlines

source

This website no longer supports the Internet Explorer web browser.
Microsoft is retiring and will no longer support Internet Explorer.  Please use another web browser to access this website.  
Click here for more details.
NYSE WAB @ 104.22
Locomotive
Freight Car
Freight Services
Digital Intelligence
Transit
Mining
Adjacent Solutions
Company
Our Wabtec entities: Wabtec Corporation, Wabtec UK Limited and Wabtec Brasil Fabricação e Manutenção de Equipamentos Ltda., located in the US, Canada, UK and Brazil, respectively (“together Wabtec”) are providing notice about an event that occurred earlier this year that affected some individuals’ personal information.
What Happened.  On June 26, 2022, Wabtec became aware of unusual activity on its network and promptly began an internal investigation. It was subsequently determined that malware was introduced into certain systems as early as March 15, 2022. Wabtec, with the assistance of leading cybersecurity firms, assessed the scope of the incident to, among other things, determine if personal data may have been affected. Additionally, shortly after discovery of the event, Wabtec notified the Federal Bureau of Investigation.
The forensic investigation did reveal that certain systems containing sensitive information were subject to unauthorized access, and that a certain amount of data was taken from the Wabtec environment on June 26, 2022. The information was later posted to the threat actor’s leak site. On November 23, 2022, Wabtec, with the assistance of data review specialists, determined that personal information was contained within the impacted files. On December 30, 2022, Wabtec began notifying affected individuals, per relevant regulations, with a formal letter, to let them know their data was involved. 
What Information Was Involved.  The affected information varies by individual but includes a combination of the following data elements: First and Last Name, Date of Birth, Non-US National ID Number, Non-US Social Insurance Number or Fiscal Code, Passport Number, IP Address, Employer Identification Number (EIN), USCIS or Alien Registration Number, NHS (National Health Service) Number (UK), Medical Record/Health Insurance Information, Photograph, Gender/Gender Identity, Salary, Social Security Number (US), Financial Account Information, Payment Card Information, Account Username and Password, Biometric Information, Race/Ethnicity, Criminal Conviction or Offense, Sexual Orientation/Life, Religious Beliefs, Union Affiliation.
What Wabtec Is Doing. Wabtec is committed to and takes very seriously its responsibility to safeguard all data entrusted to it. As part of the company’s ongoing commitment to the security of personal information in its care, it has taken additional steps to reinforce the integrity and security of its systems and operations, including implementing additional procedural safeguards. Wabtec has been notifying all applicable regulatory and data protection authorities, as required.
What You Can Do | Potential Consequences. While there is no indication that any specific information was or will be misused, considering the nature of the incident and of the affected personal data, we cannot rule out that there may be attempts to carry out fraudulent activity. For this reason, Wabtec encourages individuals to remain vigilant against incidents of identity theft and fraud by reviewing their financial account statements and credit reports for any anomalies. Please see below for additional details in the different jurisdictions.
For More Information. If individuals have additional questions not addressed in this notice, they may contact a member of Wabtec’s data privacy team by sending an email to privacy [at] wabtec [dot] com. Please see below for additional contact details in the different jurisdictions.
**********
If individuals in the US have additional questions not addressed in this notice, they may also call the dedicated assistance line at 1-888-505-4784 Monday through Friday from 9:00 am to 9:00 pm ET.
Wabtec encourages individuals to learn more about identity theft, fraud alerts, security freezes, and the steps they can take to protect themselves by contacting the consumer reporting agencies, the Federal Trade Commission, or their state Attorney General. 
Under U.S. law, individuals are entitled to one free credit report annually from each of the three major credit reporting bureaus. To order your free credit report, visit www.annualcreditreport.com or call, toll-free, 1-877-322-8228.  You may also contact the three major credit bureaus directly to request a free copy of your credit report, a security freeze, or a fraud alert.
 
 
You have the right to place a “security freeze” on your credit report, which will prohibit a consumer reporting agency from releasing information on your credit report without your expressed authorization. The security freeze is designed to prevent credit, loans, and services from being approved in your name without your consent. However, you should be aware that using a security freeze to take control over who gets access to the personal and financial information in your credit report may delay, interfere with, or prohibit the timely approval of any subsequent request or application you make regarding a new loan, credit, mortgage, or any other account involving the extension of credit. Pursuant to federal law, you cannot be charged to place or lift a security freeze on your credit report. 
To request a security freeze, you will need to provide the following information:
As an alternative to a security freeze, you have the right to place an initial or extended “fraud alert” on your file at no cost. An initial fraud alert is a 1-year alert that is placed on a consumer’s credit file. Upon seeing a fraud alert display on a consumer’s credit file, a business is required to take steps to verify the consumer’s identity before extending new credit. If you are a victim of identity theft, you are entitled to an extended fraud alert, which is a fraud alert lasting seven years.
The Federal Trade Commission can be reached at: 600 Pennsylvania Avenue NW, Washington, DC 20580, www.identitytheft.gov, 1-877-ID-THEFT (1-877-438-4338); TTY: 1-866-653-4261. The Federal Trade Commission also encourages those who discover that their information has been misused to file a complaint with them. You can obtain further information on how to file such a complaint by way of the contact information listed above. You have the right to file a police report if you ever experience identity theft or fraud.  Please note that in order to file a report with law enforcement for identity theft, you will likely need to provide some proof that you have been a victim. Instances of known or suspected identity theft should also be reported to law enforcement and your state Attorney General. This notice has not been delayed by law enforcement.
**********
Please find below some guidance around the practical steps you can take in the UK to protect yourself: 
**********
 
Nossas entidades Wabtec: Wabtec Corporation, Wabtec UK Limited e Wabtec Brasil Fabricação e Manutenção de Equipamentos Ltda., localizadas respectivamente nos E.U.A, Canadá, Reino Unido e Brazil (em conjunto “Wabtec”) estão neste ato comunicando publicamente acerca de um evento ocorrido no início deste ano que afetou informações pessoais de alguns indivíduos.
O que aconteceu.  Em 26 de junho de 2022, a Wabtec ficou ciente de uma atividade não usual nas suas redes e prontamente iniciou uma investigação interna. Foi determinado posteriormente que um malware já havia sido introduzido em alguns sistemas em 15 de março de 2022. A Wabtec, com o apoio de empresas líderes de mercado em segurança cibernética, analisou o escopo do incidente e, entre outros aspectos, determinou se dados pessoais foram afetados. Além disso, logo após a descoberta do evento, a Wabtec notificou o Federal Bureau of Investigation – FBI.
A investigação forense de fato revelou que certos sistemas, contendo informações sensíveis, foram acessados de modo não autorizado e que uma certa quantidade de dados foi retirada dos ambientes da Wabtec em 26 de junho de 2022. Tais informações foram posteriormente publicadas em site hacker voltado para vazamento de dados. A Wabtec, com a assistência de especialistas em revisão de dados, determinou que havia informações pessoais em alguns dos arquivos impactados. Em 30 de Dezembro de 2022, a Wabtec começou a notificar os indivíduos afetados, de acordo com as normas aplicáveis, com uma carta formal, com o objetivo de fazer com que esses indivíduos tenham conhecimento de que seus dados estavam envolvidos.
Quais Informações Estavam Envolvidas.  As informações afetadas variam de acordo com o indivíduo afetado, mas incluem a combinação dos seguintes dados: Nome e Sobrenome, Data de nascimento, Número de Identificação Nacional não americano, Número de Seguridade Social ou CPF, Número de Carteira de Motorista ou de Identificação Estadual, Número de Passaporte, Registro Médico/Informações sobre Seguro de Saúde, Fotografia, Gênero/Identidade de Gênero, Salário, Número de Seguridade Social (EUA), Informações sobre Contas Financeiras, Informações sobre Cartão de Pagamento, Nome de Usuário e Senha de Contas, Informações Biométricas, Raça/Etnia, Orientação/Vida Sexual, Crenças Religiosas, Filiação a Sindicato.
O que a Wabtec Está Fazendo. A Wabtec está comprometida com e considera de forma muito séria a sua responsabilidade em proteger todos os dados confiados a nós. Como parte do compromisso permanente da empresa relacionado à segurança das informações pessoas sob o seu cuidado, ela tem implementado medidas adicionais para reforçar a integridade e a segurança dos seus sistemas e operações, incluindo a implementação de mais salvaguardas procedimentais. A Wabtec notificou todas as autoridades regulatórias e de proteção de dados de acordo com as normas aplicáveis.
O que Você Pode Fazer | Potenciais Consequências.Enquanto não houver indicação de que qualquer informação específica foi ou será utilizada indevidamente, considerando a natureza do incidente e dos dados pessoais afetados, não podemos afastar a possibilidade de tentativas de atividades fraudulentas. Por essa razão, encorajamos você a permanecer vigilante contra incidentes de roubo de identidade e fraude a partir da revisão dos seus extratos bancários, financeiros e informativos de créditos para identificar qualquer anomalia. Veja abaixo mais detalhes sobre o tema.
Para Mais Informações. Questões adicionais que não foram endereçadas nessa comunicação podem ser encaminhadas a um membro do time de privacidade da Wabtec por meio do e-mail privacy [at] wabtec [dot] com ou o Encarregado de Dados, Henrique Tavares (henrique [dot] tavares [at] wabtec [dot] com, +55 31 999307520).
**********
Seguem abaixo algumas recomendações com medidas práticas que você pode tomar no Brasil para se proteger:
**********
If individuals in Canada have additional questions not addressed in this notice, they may also call the dedicated assistance line at 1-888-505-4784 Monday through Friday from 9:00 am to 9:00 pm ET. Additionally, individuals may contact a member of Wabtec’s Data Privacy Team by emailing privacy [at] wabtec [dot] com
1. Monitor Your Accounts

We encourage you to remain vigilant against incidents of identity theft and fraud, to review your account statements, and to monitor your credit reports for suspicious activity.  You can access your free credit report from Equifax and TransUnion.
2. Place a Fraud Alert on Your Credit File
A fraud alert is a notice placed on your credit file that alerts creditors that you may be a victim of fraud. There are also two types of fraud alerts that you can place on your credit report to put your creditors on notice that you may be a victim of fraud: an initial alert and an extended alert. You may ask that an initial fraud alert be placed on your credit report if you suspect you have been, or are about to be, a victim of identity theft. An initial fraud alert stays on your credit report for at least 90 days. You may have an extended alert placed on your credit report if you have already been a victim of identity theft with the appropriate documentary proof. An extended fraud alert stays on your credit report for seven years. You can place a fraud alert on your credit report by calling the toll-free fraud number of any of the two national credit reporting agencies listed below or visiting the listed websites.
3. Other Steps You Can Take
In addition to the above, we encourage you to:
**********
Nos entités Wabtec : Wabtec Corporation, Wabtec UK Limited et Wabtec Brasil Fabricação e Manutenção de Equipamentos Ltda, situées respectivement aux États-Unis, au Canada, au Royaume-Uni et au Brésil (ensemble, « Wabtec ») vous informent d’un événement survenu au début de l’année qui a affecté les informations personnelles de certaines personnes.
Que s’est-il passé.  Le 26 juin 2022, Wabtec a pris conscience d’une activité inhabituelle sur son réseau et a rapidement lancé une enquête interne. Il a ensuite été déterminé qu’un logiciel malveillant avait été introduit dans certains systèmes dès le 15 mars 2022. Wabtec, avec l’aide de sociétés de cybersécurité de premier plan, a évalué la portée de l’incident pour, entre autres, déterminer si des données personnelles avaient pu être affectées. En outre, peu après la découverte de l’événement, Wabtec a informé le Federal Bureau of Investigation, aux États-Unis.
L’enquête judiciaire a révélé que certains systèmes contenant des informations sensibles ont fait l’objet d’un accès non autorisé et qu’un certain nombre de données ont été extraites de l’environnement de Wabtec le 26 juin 2022. Ces informations ont ensuite été publiées sur le site de fuite de l’acteur de la menace. Le 23 novembre 2022, Wabtec, avec l’aide de spécialistes de l’analyse des données, a déterminé que des informations personnelles étaient contenues dans les fichiers impactés. Le 30 Décembre 2022, Wabtec a commencé à notifier les personnes concernées, conformément aux réglementations pertinentes, par une lettre officielle, pour leur faire savoir que leurs données étaient concernées.
Quelles sont les informations concernées.  Les informations concernées varient selon les individus mais comprennent une combinaison des éléments de données suivants : Nom et Prénom, Date de naissance, Numéro d’assurance sociale ou code fiscal non américain, Sexe/identité sexuelle, Salaire, Numéro de compte financier, Informations d’accès au compte financier, Numéro de carte de paiement..
Ce que fait Wabtec. Wabtec s’engage et prend très au sérieux sa responsabilité de protéger toutes les données qui lui sont confiées. Dans le cadre de son engagement permanent envers la sécurité des informations personnelles qui lui sont confiées, la societé a pris des mesures supplémentaires pour renforcer l’intégrité et la sécurité de ses systèmes et de ses opérations, notamment en mettant en place des garanties procédurales supplémentaires. Wabtec a notifié toutes les autorités réglementaires et de protection des données applicables, tel que requis.
Ce que vous pouvez faire | Conséquences potentielles. Bien que rien n’indique que des informations spécifiques ont été ou seront utilisées à mauvais escient, compte tenu de la nature de l’incident et des données personnelles concernées, nous ne pouvons exclure la possibilité de tentatives d’activités frauduleuses. Pour cette raison, Wabtec encourage les personnes à rester vigilantes face aux incidents d’usurpation d’identité et de fraude en examinant leurs relevés de comptes financiers et leurs rapports de crédit pour détecter toute anomalie. Veuillez voir ci-dessous pour plus de détails.
Pour plus d’informations. Si les individus concernés ont des questions supplémentaires qui ne sont pas abordées dans cet avis, ils peuvent appeler la ligne d’assistance dédiée à cet effet au numéro de téléphone du centre d’appels 1-888-505-4784 du lundi au vendredi partir de 9 :00 am à 9 :00 pm ET. En outre, les personnes peuvent contacter un membre de l’équipe de confidentialité des données de Wabtec en envoyant un courriel à privacy [at] wabtec [dot] com.
 
1. Surveillez vos comptes
Nous vous encourageons à rester vigilant face aux incidents d’usurpation d’identité et de fraude, à examiner vos relevés de compte et à surveiller vos rapports de crédit pour détecter toute activité suspecte. Vous pouvez accéder gratuitement à votre dossier de crédit auprès d’Equifax et de TransUnion.
2. Placez une alerte à la fraude sur votre dossier de crédit
Une alerte à la fraude est un avis placé sur votre dossier de crédit qui avertit les créanciers que vous pourriez être victime d’une fraude. Il existe également deux types d’alertes à la fraude que vous pouvez placer sur votre dossier de crédit pour avertir vos créanciers que vous pourriez être victime d’une fraude : une alerte initiale et une alerte prolongée. Vous pouvez demander qu’une alerte initiale à la fraude soit placée sur votre dossier de crédit si vous pensez avoir été, ou être sur le point d’être, victime d’un vol d’identité. Une alerte initiale à la fraude reste sur votre dossier de crédit pendant au moins 90 jours. Une alerte prolongée peut être placée sur votre dossier de crédit si vous avez déjà été victime d’une usurpation d’identité et que vous disposez des preuves documentaires appropriées. Une alerte de fraude prolongée reste sur votre dossier de crédit pendant sept ans. Vous pouvez placer une alerte à la fraude sur votre dossier de crédit en appelant le numéro gratuit de l’une des deux agences nationales d’évaluation du crédit énumérées ci-dessous ou en consultant les sites Web indiqués
3. Autres mesures que vous pouvez prendre
En plus de ce qui précède, nous vous encourageons à:
 
Transportation solutions that move and improve the world
At Wabtec, we help our customers overcome their toughest challenges by delivering rail and industrial solutions that improve safety, efficiency and productivity.
30 Isabella Street
Pittsburgh, PA 15212 – USA
Phone: 412-825-1000
Fax: 412-825-1019

source