Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInWho Has Standing in a Data Breach Litigation? In The Third Circuit, Fear of Speculative Future Harm Still Doesn’t Cut It | Consumer Privacy World
As the number of data breaches continue to rise, so too will the number of lawsuits filed. As CPW previously reported, the number of data breaches in 2020 was more than double that of 2019. One can only wonder what 2021 will bring. Yet with this increase in data breach litigation, a recent opinion within […]
California DMV hit by data breach, exposing millions of drivers’ personal information to hackers
A billing contractor, the Seattle-based Automatic Funds Transfer Services, was hit by a ransomware attack in early February. The DMV has worked with the organization since mid-2019 “to correct and verify vehicle registration addresses,” according to the department. KFSN in Fresno reports that the affected data includes 20 months’ worth of California vehicle registration records […]
Jones Day Hit by Data Breach as Vendor Accellion Hack Widens
Law firm Jones Day says hackers got their hands on confidential client data and firm communications when an outside vendor’s file transfer system was breached. Jones Day is the second major law firm in two weeks to have private data exposed as a result of a breach at Accellion, which provides file transfer and other […]
National grocer advises customers of data breach affecting pharmacy
The Kroger Co. is advising customers of its pharmacy and Little Clinic of a data security breach in which patient names and personal information were accessed illegally, according to multiple media outlets. Source: National grocer advises customers of data breach affecting pharmacy
Hacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day – WSJ
“We have over 100 gigabytes of data,” the hacker wrote in response to an email from the Journal. The hacker, in the Journal’s correspondence, said it first reached out to Jones Day management on Feb. 3 and informed the firm that its network had been hacked and that data had been stolen. As of Tuesday, […]
Regulator vows it ‘will not engage with criminals’ as ransomware response continues | PublicTechnology.net
The Scottish Environment Protection Agency has said it “will not engage with criminals intent on disrupting public services and extorting public funds”, as it continues to deal with a ransomware attack that has been ongoing since Christmas Eve. Some of the information stolen from the environmental regulator has now been published online, but Police Scotland […]
Marriott Wins CCPA Data Breach Lawsuit
Marriott recently won dismissal of a proposed class action data breach lawsuit alleging several violations, including a violation of the California Consumer Privacy Act (CCPA). The case, Arifur Rahman v. Marriott International, Inc. et al., Case No.: 8:20-cv-00654, was dismissed in an Order by U.S. District Court Judge David O. Carter on January 12, 2021. […]
Russian hackers compromised Microsoft’s cloud customers through a third party, putting email and other data at risk – The Washington Post
“If it’s true that a cloud service provider customer’s data has been exfiltrated and is in the hands of some threat actor, that’s a very serious situation,” said John Reed Stark, who runs a consulting firm and is former chief of the Securities and Exchange Commission’s Office of Internet Enforcement. “It should raise all sorts […]
The Cyber Threat Is Real and Growing – WSJ
It appears that this was purely an intelligence-gathering effort. The SVR sat on government networks collecting as much data as it could, whenever and however it wanted. It was less like tapping into phone lines and more like breaking into the library and wandering around. Every country conducts espionage. That’s not the alarming part. What […]
Trump downplays Russia in first comments on hacking campaign
While Trump downplayed the impact of the hacks, the Cybersecurity and Infrastructure Security Agency has said it compromised federal agencies as well as “critical infrastructure.” Homeland Security, the agency’s parent department, defines such infrastructure as any “vital” assets to the U.S. or its economy, a broad category that could include power plants and financial institutions. One […]
US agencies hacked in global cyberspying campaign – New York Daily News
In a rare emergency directive issued late Sunday, the Department of Homeland Security’s cybersecurity arm warned of an “unacceptable risk” to the executive branch from a feared large-scale penetration of U.S. government agencies that could date back to mid-year or earlier. Source: US agencies hacked in global cyberspying campaign – New York Daily News
Most Victim Organizations Suffer Second Intrusion Within a Year – Infosecurity Magazine
Security experts have warned victims of sophisticated cyber-attacks not to think of intrusions as a one-off event, as a majority of organizations end up getting hit again within the year. CrowdStrike compiled an analysis of its own incident response and managed services engagements in 2020, to produce the CrowdStrike Services Cyber Front Lines Report. It warned […]
Global cybercrime losses rapidly approaching trillion-dollar mark – McAfee report
Global losses from cybercrime are close to becoming a ‘trillion-dollar’ shackle that is weighing down the global economy, with the annual global cost of cybercrime pegged at $945 billion – or 1% of the entire world’s GDP. These are some of the figures from McAfee’s The Hidden Costs of Cybercrime report, conducted in partnership with […]
Cybersecurity firm FireEye says it was hacked by a nation-state | TechCrunch
FireEye, normally the first company that cyberattack victims will call, has now admitted it too has fallen victim to hackers, which the company called a “sophisticated threat actor” that was likely backed by a nation-state. In a blog post confirming the breach, the company’s chief executive Kevin Mandia said the nation-backed hackers have “top-tier offensive […]
Ransomware gangs now even calling victims to meet demands: Report – Express Computer
Some ransomware groups have now resorted to cold-calling victims to pressure them into paying ransom demands if they come to know that the targeted organisations were attempting restoration from backups, said a media report. Some of the ransamware gangs that have used this tactic include Conti and Ryuk, a spokesperson for New Zealand-headquartered cybersecurity firm […]