Top News: Saudi Aramco faces $50m ransom demand, US' new breach reporting bill, and more
Saudi Aramco faces $50m ransom demand after data leak
Saudi Aramco suffered a data leak from one of its contractors, who received a cyber-extortion ransom demand of $50m. A dark web post by the hackers claimed to offer one terabyte of Saudi Aramco data, including information on the location of oil refineries, payroll files, and confidential client and employee data. Read the full story here.
DNS outage causes massive internet disruption
Several major websites, including UPS, Airbnb, and Sony’s PlayStation Network, were down on Thursday due to an outage at Akamai, a networking and content delivery service provider. The problem was attributed to Akamai’s Edge DNS service that enables smooth and secure running of websites, apps, and services. Read more about it here.
Microsoft secures court order to take down imposter domains
Microsoft secured a court order to take down certain homoglyph domains that were used to impersonate Office 365 customers in attempts to commit fraud. The order forces domain registrars to disable service on the malicious domains. Following this, the company took down 17 domains that were almost identical to Microsoft corporate websites. Read the full story here.
US lawmakers introduce breach reporting bill
US lawmakers introduced the Cyber Incident Notification Act that would require federal agencies, federal contractors, and critical infrastructure companies to notify the Department of Homeland Security when they’ve been hacked. The proposed bill also gives limited immunity to these companies when they report a breach. Read more about it here.
Act introduced to empower the FTC
Rep. Kathy Castor has introduced the 21st Century FTC Act, a legislation that would give the Federal Trade Commission (FTC) Administrative Procedure Act rulemaking authority and first offense civil penalty authority. The act provides improved tools to the FTC for addressing corporate surveillance systems. Read the press release here.
Uber found to have interfered with privacy of 1.2 million Australians
The Office of the Australian Information Commissioner (OAIC) has determined that Uber Technologies, Inc. and Uber B.V. have interfered with the privacy of over 1.2 million Australians. The companies failed to take reasonable steps to protect the personal information of its customers and drivers when it was accessed from a breach in 2016.
The news comes days after the company was fined by the California Public Utilities Commission for failing to hand over data on sexual assault incidents on its platform.