By Ashwani Mishra, Editor-Technology, 63SATS
The Indian government released the draft Digital Personal Data Protection (DPDP) Rules for public feedback, emphasizing consent, data erasure rights, and encryption to empower citizens. Meanwhile, cyberattacks surged globally. Argentina’s airport security payroll system was compromised, exposing financial data.
In the U.S., Lexington Diagnostic Center and Pacific Pulmonary Medical Group reported breaches, prompting cybersecurity enhancements. The International Civil Aviation Organization faced potential data exposure, and U.S. school districts tackled holiday cyberattacks. These incidents highlight the urgent need for robust data protection frameworks and heightened vigilance to safeguard sensitive information in an increasingly connected world.
Draft DPDP Rules for Public Consultation
The Indian government has unveiled the draft Digital Personal Data Protection (DPDP) Rules for public feedback. These rules operationalize the DPDP Act, 2023, empowering citizens to control their personal data.
Key features include informed consent mechanisms, data erasure rights, and options to appoint digital nominees. Data fiduciaries must implement encryption, access controls, and backups to safeguard information. Public consultation ends on February 18, 2025, aiming to refine India’s data protection framework.
Cyberattack Targets Argentina’s Airport Security Payroll
Hackers breached Argentina’s airport security police (PSA) payroll system, compromising personal and financial data. Fraudulent deductions ranging from $100 to $245 were recorded under false labels.
The breach exploited vulnerabilities in Banco Nación’s systems, suggesting internal collusion. PSA has launched a cybersecurity awareness campaign while probing the attack’s motives and scale.
Lexington Diagnostic Center Data Breach Exposed
Lexington Diagnostic Center (LDC) reported a breach impacting sensitive consumer data, including Social Security and medical records. The unauthorized access occurred between February 26 and March 16, 2024.
LDC has notified affected individuals and strengthened its cybersecurity measures. Legal consultations are advised for victims to safeguard against identity theft and fraud.
Pacific Pulmonary Medical Group Hit by Data Breach
Pacific Pulmonary Medical Group (PPMG) confirmed a data breach involving unauthorized access to third-party scheduling software. Confidential consumer data was exposed in October 2024.
PPMG has notified affected individuals and tightened its systems. Victims are encouraged to review data breach notifications and take preventive measures against identity theft.
ICAO Probes Potential Data Breach
The International Civil Aviation Organization (ICAO) is investigating claims of a data breach involving 42,000 records. The incident, attributed to a known threat actor targeting global organizations, was reported on a hacker forum.
ICAO has yet to confirm details as the investigation continues, highlighting vulnerabilities in international aviation data systems.
Cyberattacks Disrupt U.S. School Districts
Holiday cyberattacks hit school districts in Maine and Tennessee, forcing South Portland Public Schools to take its network offline. The attack, linked to a Bulgarian IP, compromised the school’s firewall but reportedly left student and staff data intact. Cybersecurity grants and detection systems were instrumental in mitigating the impact.