LATEST POST
Recent settlements reached in two data breach cases
Here are just two of many recent proposed settlements in data breach litigation: Arthur J. Gallagher & Co. and and Gallagher Bassett Services, Inc. Settlement: Arthur J. Gallagher & Co. agreed to a $21 million class action lawsuit settlement to resolve claims it failed to prevent a 2020 data breach that compromised sensitive employee and client […]
Globe Life notifying an additional 850,000 clients of 2024 data breach
Bleeping Computer reports that Globe Life is notifying an additional 850,000 people of a breach it discovered last year: On June 13, 2024, the company discovered during a security review of its networks that it had been compromised by hackers who had gained unauthorized access to one of its web portals. Globe Life shared in October the first […]
FDA, CISA warn of backdoor in popular patient monitor used by US hospitals
The Record reports: Federal agencies are warning hospitals of a backdoor discovered in a popular line of patient monitors sold by Chinese company Contec. The Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) released warnings on Thursday about an embedded function they found in the firmware of the Contec CMS8000 — […]
Tata Technologies Reports Ransomware Attack Damaging IT Assets
NDM News Network reports that Tata Technologies, a subsidiary of Tata Motors, is responding to a ransomware attack that resulted in the temporary suspension of some services: Tata Technologies is currently working to investigate the situation and reinforce its cybersecurity measures to prevent future disruptions and ensure the protection of its digital infrastructure. The company […]
U.S. State Privacy Laws: Making Sense of the Mess
Law professor Daniel Solove writes: Read more on LinkedIn.
Guess who left a database wide open, exposing chat logs, API keys, and more? Yup, DeepSeek
“This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” It appears that DeepSeek — the same AI platform that sent tech stocks crashing because it might be better and was definitely cheaper than U.S. AI platforms — could not get basic security […]
FBI Seizes Hacking Forums Nulled.to and Cracked.io
Some long-standing hacking forums are standing no more. They have been seized by law enforcement in an international cooperative operation. PC Mag reports: The FBI has seized a pair of internet forums dedicated to computer hacking and forced the affected domains offline. The crackdown ensnared Cracked[.]io and Nulled[.]to, two forums known for hosting and selling […]
ENGlobal says hackers accessed ‘sensitive personal’ data during cyberattack
TechCrunch reports that the engineering giant and government contractor was impacted significantly for six weeks following a ransomware attack in November: U.S. engineering firm ENGlobal has confirmed that hackers accessed “sensitive personal information” from its systems during a November 2024 cyberattack. ENGlobal, which provides engineering and automation services to the federal government and critical infrastructure organizations, […]