LATEST POST
FTC Order Will Require Blackbaud to Delete Unnecessary Data, Boost Safeguards to Settle Charges its Lax Security Practices Led to Data Breach
FTC says company’s poor security allowed hacker to steal sensitive data of millions of consumers, go undetected for months South Carolina-based Blackbaud Inc. will be required to delete personal data that it doesn’t need to retain as part of a settlement with the Federal Trade Commission over charges that the company’s lax security allowed a […]
Ex-CIA software engineer sentenced to 40 years for giving secrets to WikiLeaks
The Guardian reports: A former Central Intelligence Agency (CIA) software engineer who was convicted for carrying out the largest theft of classified information in the agency’s history and of charges related to child abuse imagery was sentenced to 40 years in prison on Thursday. The 40-year sentence by US district judge Jesse Furman was for […]
President Biden Says He Will Veto Any Resolution That Repeals the New SEC Breach Disclosure Rule
While advocates for more transparency and timely disclosures in response to data breaches were generally pleased with the new disclosure rule by the SEC that went into effect on December 18, not everyone was pleased. In November 2023, Senator Thomas Tillis [R-NC] introduced bill S.J.Res.50 – A joint resolution providing for congressional disapproval under chapter […]
FBI director to warn that Chinese hackers are preparing to ‘wreak havoc’ on US critical infrastructure
CNN reports: FBI Director Christopher Wray on Wednesday is expected to warn that Chinese hackers are preparing to “wreak havoc and cause real-world harm” to the US. “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come […]
Attorney General James Sues Citibank for Failing to Protect and Reimburse Victims of Electronic Fraud
NEW YORK – New York Attorney General Letitia James today sued Citibank, N.A. (Citi) for failing to protect and refusing to reimburse victims of fraud. The lawsuit alleges that Citi does not implement strong online protections to stop unauthorized account takeovers, misleads account holders about their rights after their accounts are hacked and funds are stolen, […]
Ex-IRS Contractor Who Leaked Trump, Griffin Tax Data Gets Five Years in Prison
Bloomberg News reports: A former Internal Revenue Service contractor who stole and leaked the tax returns of former President Donald Trump, Ken Griffin, Elon Musk and other billionaires was sentenced to five years in prison. Charles Littlejohn, 38, pleaded guilty Oct. 12 to stealing Trump’s tax data from the IRS and leaking it to the New York Times. He also admitted taking tax […]
SolarWinds Seeks Dismissal of ‘Unfounded’ SEC Cybersecurity Suit
Bloomberg Law reports on a case that probably has a lot of CISOs somewhat nervous: SolarWinds Corp. issued a full-throated denial of wrongdoing in how it handled one of the worst cyberattacks in history in a Friday court filing seeking the dismissal of US Securities and Exchange Commission allegations that its software security representations defrauded […]
New Ransomware Reporting Requirements Kick in as Victims Increasingly Avoid Paying
As 2023 drew to a close, a report by Emsisoft made the bold recommendation to impose a flat-out ban on ransom payments in the event of cyberattacks. Their suggestion has spawned a good deal of discussion, including a new report by incident response firm Coveware, who disagrees strongly with the recommendation. The following is just […]