Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedInGarmin is the latest big name taken out by ransomware
Having a well-developed cybersecurity system is important for young companies, says John Reed Stark, a former SEC internet enforcement chief. “If your goal is to someday be bought or to someday to grow or go public,” he says, “you want to surround yourself with sophisticated people early on when it comes to your biggest problems. […]
Data stolen in ransomware attack on French telco Orange – SiliconANGLE
French telecommunications company Orange S.A. has been targeted by a ransomware attack with data stolen. First reported July 16 by Bleeping Computer, the ransomware attack targeted Orange’s Business Services division, which offers enterprise solutions such as remote support, virtual workstations, system security, cloud backups and cloud hosting. The ransomware attack came from the Nefilim ransomware group, […]
NY Charges First American Financial for Massive Data Leak — Krebs on Security
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. had exposed approximately 885 million records related to mortgage deals going back to 2003. On Wednesday, regulators in New York announced that First American was the target of their first ever cybersecurity enforcement action in connection […]
$117.5M Yahoo Breach Settlement Was Reasonable, But Legal Work Was ‘Not Novel,’ Judge Koh Says | Law.com
U.S. District Judge Lucy Koh signed off on the $117.5 million data breach settlement with Yahoo Inc. on Tuesday, but she slashed attorney fees by more than $7 million after concluding the deal was “unexceptional” and the legal work “not particularly novel.” via $117.5M Yahoo Breach Settlement Was Reasonable, But Legal Work Was ‘Not Novel,’ […]
Twitter: “An update on our security incident”
At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information. The attackers successfully manipulated a small number of employees and used their credentials to access Twitter’s internal […]
2020 is on Track to Hit a New Data Breach Record – Security Boulevard
We’re just halfway through the year, and 2020 is on track to set a new data breach record. The new year started off on the wrong foot, with the coronavirus wreaking havoc across the world, creating the perfect storm for cybercrime to flourish. From healthcare institutions, tech, software, social media and meal delivery companies, cybercriminals […]
One of Florida’s largest orthopedic providers faces class-action lawsuit after data breach
One of Florida’s largest orthopedic providers is facing a class-action lawsuit after hackers stole personal information from potentially thousands of patients. Attorney John Yanchunis of Morgan & Morgan filed the lawsuit against the Florida Orthopedic Institute, seeking at least $99 million on behalf of patients and former patients citing a “failure to properly secure and […]
Ransomware Gangs Don’t Need PR Help — Krebs on Security
We’ve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such coverage is potentially quite harmful and plays deftly into the hands of organized crime. Often the rationale behind […]
Keeping Data-Breach Reports Confidential After Capital One
When U.S. Magistrate Judge John Anderson ordered[1] Capital One Financial Corp. to turn over a post-breach digital forensics report to the consumer plaintiffs in the multidistrict litigation relating to the bank’s July 29, 2019, data breach,[2] the decision sent shock waves through the community of legal and forensic firms that help companies respond to cyberattacks. […]
How hackers extorted $1.14m from University of California, San Francisco – BBC News
A leading medical-research institution working on a cure for Covid-19 has admitted it paid hackers a $1.14m (£910,000) ransom after a covert negotiation witnessed by BBC News. The Netwalker criminal gang attacked University of California San Francisco (UCSF) on 1 June. via How hackers extorted $1.14m from University of California, San Francisco – BBC News.
A New CCPA Data Breach Lawsuit Is “Minted” – Lexology
Online stationery and craft company Minted Inc. has been hit with a CCPA class action lawsuit, stemming from a massive data breach the company disclosed in late May. The proposed class action lawsuit, filed in a California federal court, claims that Minted Inc. failed to implement “reasonable security measures” and to properly encrypt certain personal […]
Human Capital: John Reed Stark Identifies Lurking Cybersecurity Risks | ThinkAdvisor
Listen in as Stark details why the cybersecurity challenges are exacerbated by the COVID-19 work-from-home environment, with ransomware attacks, phishing and business email schemes also on the rise. “There are legions of soldiers waking up every morning with the sole desire to attack U.S. systems and exfiltrate important data,” Stark says. via Human Capital: John […]
Data Breach Report in Capitol One Litigation Not Privileged | 2020-06-05 | Security Magazine
On May 26, the District Court found in the In Re: Capital One Consumer Data Security Breach Litigation, MDL No. 1:19md2915 (AJT/JFA)(ED VA) that a report prepared by Mandiant concerning the Capital One data breach (Breach Report) was not protected by the work product privilege and must be turned over to Plaintiffs. via Data Breach Report in Capitol One […]
California AG Submits CCPA Regulations for Final Approval, Paving the Way Toward Enforcement – Lewis Brisbois Bisgaard & Smith LLP
On Monday, June 1, 2020, the California Attorney General’s Office announced that it had submitted the final version of its proposed regulations under the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (OAL) for review and approval. via California AG Submits CCPA Regulations for Final Approval, Paving the Way Toward Enforcement […]
EasyJet Says Cyberattack Stole Data of 9 Million Customers – The New York Times
EasyJet, the low-cost airline based in England, said on Tuesday that it was the target of a “highly sophisticated” cyberattack that exposed the email addresses and personal travel plans of about nine million customers, and that some had their credit card details stolen. via EasyJet Says Cyberattack Stole Data of 9 Million Customers – The […]