A client alert from Womble Bond Dickinson (US) discusses what it describes as a first-of-its-kind ruling: a California court did
This client alert is based on a longer article Patrick Emerson McCormick wrote for the Conference on Consumer Finance Law Quarterly
The Record reports: A Chinese national accused of being a member of a state-backed hacking group has been extradited to
The law firm of Squire Patton Boggs writes: Connecticut Attorney General William Tong recently issued an advisory memorandum (“Advisory”) to all “State
Comply or risk class-action litigation? IAPP explains: Last year, the California Privacy Protection Agency adopted a major new rule requiring certain businesses
Miscellaneous News
DysruptionHub reports: A cybersecurity event has disrupted calibration systems at Des Moines, Iowa-based Intoxalock since March 14, leaving some court-ordered
The International Business Times reports: Discord is preparing to enforce a global age verification system from early March that will
TechCrunch reports: New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprints scans affects at least 1.8 million people. NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom are uninsured or receive state healthcare benefits, such as Medicaid. The healthcare system reported the number to the U.S. Department of Health and Human Services,
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach, people notice. Brian Krebs reports: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the
CNN reports: US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases to tinker with display readings on the tanks but not the actual levels of fuel in them, the sources said. The cyber
When education software giant Instructure announced on May 1 that its widely used Canvas software was unavailable as it investigated a data security incident, it suggested the breach was mostly contained. That turned out to be overly optimistic. While the firm posted updates on its site as its services returned to service, the ShinyHunters group that attacked them continued to issue threats to leak data from thousands of schools and millions of students. On May 7, in the middle of Finals week at many schools
From the Google Threat Intelligence Group’s Executive Summary: Read more at Google.
TechCrunch reports: New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach,
Cybernews reports: 7-Eleven confirms its internal systems were breached in April, exposing the information of an unknown number of individuals
Does it matter whether President Trump calls the situation with Iran a “war” or an “excursion” or something else if
From the Hunton Insurance Recovery Blog: In the rarely litigated space of cyber insurance, the Northern District of Texas issued
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach,
TechCrunch reports: New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal data, medical records, and fingerprints scans affects at least 1.8 million people. NYCHHC is the largest public health system in the United States and provides healthcare to over a million New Yorkers, the majority of whom are uninsured or receive state healthcare benefits, such as Medicaid. The healthcare system reported the number to the U.S. Department of Health and Human Services,
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach, people notice. Brian Krebs reports: Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the
CNN reports: US officials suspect Iranian hackers are behind a series of breaches of systems that monitor the amount of fuel in storage tanks serving gas stations in multiple states, according to multiple sources briefed on the activity. The hackers responsible have exploited automatic tank gauge (ATG) systems that were sitting online and unprotected by passwords, allowing them in some cases to tinker with display readings on the tanks but not the actual levels of fuel in them, the sources said. The cyber
When education software giant Instructure announced on May 1 that its widely used Canvas software was unavailable as it investigated a data security incident, it suggested the breach was mostly contained. That turned out to be overly optimistic. While the firm posted updates on its site as its services returned to service, the ShinyHunters group that attacked them continued to issue threats to leak data from thousands of schools and millions of students. On May 7, in the middle of Finals week at many schools
A client alert from Womble Bond Dickinson (US) discusses what it describes as a first-of-its-kind ruling: a California court did
This client alert is based on a longer article Patrick Emerson McCormick wrote for the Conference on Consumer Finance Law Quarterly
The Record reports: A Chinese national accused of being a member of a state-backed hacking group has been extradited to
The law firm of Squire Patton Boggs writes: Connecticut Attorney General William Tong recently issued an advisory memorandum (“Advisory”) to all “State
Comply or risk class-action litigation? IAPP explains: Last year, the California Privacy Protection Agency adopted a major new rule requiring certain businesses
Miscellaneous News
DysruptionHub reports: A cybersecurity event has disrupted calibration systems at Des Moines, Iowa-based Intoxalock since March 14, leaving some court-ordered
The International Business Times reports: Discord is preparing to enforce a global age verification system from early March that will
TechCrunch reports: New York public health provider NYC Health + Hospitals says a months-long data breach that allowed hackers to steal personal
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach,
Cybernews reports: 7-Eleven confirms its internal systems were breached in April, exposing the information of an unknown number of individuals
Does it matter whether President Trump calls the situation with Iran a “war” or an “excursion” or something else if
From the Hunton Insurance Recovery Blog: In the rarely litigated space of cyber insurance, the Northern District of Texas issued
When the federal agency that directs organizations and agencies to quickly attend to vulnerabilities and breaches has its own breach,
