LATEST POST
Attorney General Ken Paxton Sues Allstate and Arity for Unlawfully Collecting, Using, and Selling Over 45 Million Americans’ Driving Data to Insurance Companies
A January 13, 2025 press release from Texas Attorney General Ken Paxton: Texas Attorney General Ken Paxton sued Allstate and its subsidiary, Arity (“Allstate”), for unlawfully collecting, using, and selling data about the location and movement of Texans’ cell phones through secretly embedded software in mobile apps, such as Life360. Allstate and other insurers then […]
UK government plans to prohibit government and public sector entities from paying ransomware demands
Governments have routinely urged ransomware victims not to pay ransom demands, as it only encourages them to attack even more victims. Now the UK government may prohibit government and public sector entities from paying. LBC reports: Security minister Dan Jarvis told LBC: “We want these cyber criminals who operate from Russia and elsewhere to look […]
Robinhood to Pay $45 Million SEC Settlement Over Data Breach, Other Violations
WSJ reports: Two brokerage units of Robinhood Markets agreed to pay $45 million to settle an investigation by the Securities and Exchange Commission into a range of alleged violations, including one stemming from a 2021 data breach that exposed millions of customer names and emails. The settlement is the latest in a string of big […]
Gravy Analytics breach of location data puts millions of us at risk
As previously reported, a hacker claimed to have acquired a massive amount of data from Gravy Analytics. A sample of the data, confirmed by 404Media, was posted on a Russian-language forum by a user called “Nightly,” with a threat that if payment was not made, all of the data would be leaked. That post was […]
Researcher Uncovers AWS S3 Ransomware Vulnerabilities
As if there weren’t enough concerns with misconfigured Amazon AWS s3 buckets exposing data, now we read this: Security researchers at Rhino Security Labs have uncovered a concerning vulnerability in Amazon Web Services (AWS) S3 storage systems that could allow attackers to execute ransomware attacks against cloud-stored data. The research demonstrates how attackers can encrypt S3 bucket […]
FAQs for Schools and Persons Affected By the PowerSchool Data Breach
Joseph Lazzarotti of the Jackson Lewis law firm has some helpful advice for schools affected by the PowerSchool breach. Here are a few snippets: State breach notification laws generally place the obligation to notify affected persons and others on the owner of the personal information compromised in the breach, not the service provider that had […]
Critical Warning For 100 Million Apple Users—New Hack Attack Confirmed
Forbes reports that some new research suggests that 100 million macOS users are at risk from a new attack involving a Banshee Stealer variant: A new variant of the macOS Banshee Stealer threat, capable of hacking browser credentials, cryptocurrency wallets and other sensitive data, has been monitored by security researchers since late last year. Now those […]
Japan links Chinese hacker MirrorFace to dozens of cyberattacks targeting security and tech data
The Associated Press reports: Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security and high technology data to a Chinese hacking group, MirrorFace, detailing their tactics and calling on government agencies and businesses to reinforce preventive measures. The National Police Agency said its analysis on the […]