LATEST POST
Changes to Breach Notification Requirements Continue at State Level
In October 2023, Perkins Coie published an update to existing state breach notification laws. Pennsylvania The first major update to Pennsylvania’s Breach of Personal Information Notification Act was passed earlier this year. The updates include a range of changes consistent with those adopted in other states in the last several years, so these updates are unlikely […]
Okta’s latest hack fallout hits Cloudflare, 1Password
TechCrunch reports: Network and security giant Cloudflare and password manager maker 1Password said hackers briefly targeted their systems following a recent breach of Okta’s support unit. Both Cloudflare and 1Password said their recent intrusions were linked to the Okta breach, but that the incidents did not affect their customer systems or user data. “We immediately terminated […]
Phishing Guidance: Stopping the Attack Cycle at Phase One
Posted by CISA.gov, this guidance also has tips for small and medium businesses: This guide was created by the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) to outline phishing techniques malicious actors commonly use and to provide guidance for […]
Okta shares fall 11% after company says client files were accessed by hackers via its support system
Stock prices often fall after a major breach is announced. Many will rebound quickly, but not all do. Here is an example from this past week of a firm taking a significant stock hit shortly after a breach was announced. CNBC reports: Shares of cybersecurity firm Okta closed down 11.5% after the company said an unidentified hacking group had […]
Why are cyber experts concerned about data security in India?
For those readers who think India is not of great interest or importance to them, remember that many non-Indian firms and entities outsource some or all of their functions to firms in India — and often without your knowledge. The Week reports: Digital transformation and development of advanced technologies are progressing at full pace in […]
Top US Cyber Agency Pushing Toward First Hack Reporting Rule
As seen on Bloomberg Law: A new US notification requirement for victims of malicious hacks could push in-house counsel to disclose cyberattacks when faced with ransomware and other network compromises. Among the first-ever cyber regulations to be enforced by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the top US cyber authority, the […]
Epiq to Settle Lawsuit for $6.5 Million After Accidentally Leaking Identities of Church Sex Abuse Survivors
Bloomberg Law reports: More than 100 survivors of sexual abuse by clergy of the Catholic Church asked a Connecticut federal judge for final approval of their $6.5 million settlement with a bankruptcy services firm that mistakenly revealed their identities online. Epiq Corporate Restructuring LLC would pay at least 128 individuals cash payments of $50,000 under […]
International coalition of law enforcement takes down Ragnar_Locker ransomware portal
An international group of law enforcement agencies have seized the dark web portal used by the Ragnar_Locker ransomware gang. The notice appeared today, and although there have been no press releases yet by either Interpol, Europol, or the FBI, TechCrunch was able to get confirmation from a spokesperson for Europol that information will be released […]