Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInVirginia governor signs comprehensive data privacy law | TheHill
Virginia Gov. Ralph Northam (D) signed the Consumer Data Protection Act on Tuesday, making Virginia the second state in the U.S. to pass a comprehensive data privacy law. The bill will give consumers the right to opt out of having their personal data processed for targeted advertising and the right to confirm if their data […]
Who Has Standing in a Data Breach Litigation? In The Third Circuit, Fear of Speculative Future Harm Still Doesn’t Cut It | Consumer Privacy World
As the number of data breaches continue to rise, so too will the number of lawsuits filed. As CPW previously reported, the number of data breaches in 2020 was more than double that of 2019. One can only wonder what 2021 will bring. Yet with this increase in data breach litigation, a recent opinion within […]
California DMV hit by data breach, exposing millions of drivers’ personal information to hackers
A billing contractor, the Seattle-based Automatic Funds Transfer Services, was hit by a ransomware attack in early February. The DMV has worked with the organization since mid-2019 “to correct and verify vehicle registration addresses,” according to the department. KFSN in Fresno reports that the affected data includes 20 months’ worth of California vehicle registration records […]
Digital Payment Service Provider Settles with OFAC for Apparent U.S. Sanctions Violations Associated with Digital Currency Transactions | Baker Botts
The BitPay settlement shows that OFAC expects that companies providing digital currency services understand the sanctions risks associated with their activities and take steps necessary to mitigate those risks. In other words, the OFAC compliance obligations for digital payment service providers, such as BitPay, are no different than those of any other financial service provider. […]
Jones Day Hit by Data Breach as Vendor Accellion Hack Widens
Law firm Jones Day says hackers got their hands on confidential client data and firm communications when an outside vendor’s file transfer system was breached. Jones Day is the second major law firm in two weeks to have private data exposed as a result of a breach at Accellion, which provides file transfer and other […]
NYDFS Issues Best Practices for Cyber Insurance Risk Management | Alston & Bird – JDSupra
Against the backdrop of the disruptions associated with the Covid-19 pandemic and SolarWinds cyber-espionage campaign, NYDFS has released guidance for insurers that underwrite cyber insurance policies and which contains a number of provisions expected to impact companies applying for or renewing cyber insurance coverage, not the least of which is a specific recommendation that insurers […]
National grocer advises customers of data breach affecting pharmacy
The Kroger Co. is advising customers of its pharmacy and Little Clinic of a data security breach in which patient names and personal information were accessed illegally, according to multiple media outlets. Source: National grocer advises customers of data breach affecting pharmacy
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day – WSJ
“We have over 100 gigabytes of data,” the hacker wrote in response to an email from the Journal. The hacker, in the Journal’s correspondence, said it first reached out to Jones Day management on Feb. 3 and informed the firm that its network had been hacked and that data had been stolen. As of Tuesday, […]
Seeking Nominations for Cybersecurity Docket’s ‘Incident Response 30′ for 2021
Cybersecurity Docket welcomes your nominations for our ‘IR 30’ for 2021 — the 30 best Incident Response legal and compliance professionals in the industry.
A Ransomware OFAC Due Diligence Checklist | LinkedIn
This article suggests that by following the ransomware due diligence checklist set forth below, a ransomware victim who opts to pay the ransom can in the least mitigate the chances of a U.S. civil enforcement action or criminal prosecution, and perhaps even avoid U.S. government scrutiny altogether. Source: (26) A Ransomware OFAC Due Diligence Checklist | LinkedIn
Regulator vows it ‘will not engage with criminals’ as ransomware response continues | PublicTechnology.net
The Scottish Environment Protection Agency has said it “will not engage with criminals intent on disrupting public services and extorting public funds”, as it continues to deal with a ransomware attack that has been ongoing since Christmas Eve. Some of the information stolen from the environmental regulator has now been published online, but Police Scotland […]
Joe Biden enlists ‘world class’ cybersecurity team
President Joe Biden is hiring a group of national security veterans with deep cyber expertise, drawing praise from former defense officials and investigators as the US government works to recover from one of the biggest hacks of its agencies attributed to Russian spies. Source: Joe Biden enlists ‘world class’ cybersecurity team
Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware Payouts
“In the last year, experts are saying this is close to getting out of control,” said Martin. “You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry”. Source: Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware […]
Marriott Wins CCPA Data Breach Lawsuit
Marriott recently won dismissal of a proposed class action data breach lawsuit alleging several violations, including a violation of the California Consumer Privacy Act (CCPA). The case, Arifur Rahman v. Marriott International, Inc. et al., Case No.: 8:20-cv-00654, was dismissed in an Order by U.S. District Court Judge David O. Carter on January 12, 2021. […]
Kroll adds three seasoned cybersecurity experts to Cyber Risk practice | Security Magazine
Kroll, a division of Duff & Phelps, provider of risk mitigation, investigations, compliance, cyber resilience, security and incident response solutions, announced the hiring of three seasoned cyber experts in North America and two incident response investigators in Asia Pacific to fuel the expansion of its cyber risk management capabilities globally. Kroll’s recent hires in North America […]