LATEST POST
So you paid a ransom demand … and now the decryptor doesn’t work?
How many times have the government and intel firms warned us that decryptors provided by ransomware gangs do not always work and a significant percentage of victims wind up not recovering all their files even though they paid the ransom? Here’s another example from The Register, where an unnamed victim company paid the Hazard ransomware […]
Data collection on corporate websites is a litigation risk
Lawyers at Constangy, Brooks, Smith & Prophete, LLP write: Businesses continue to be subjected to a steady stream of consumer class action lawsuits alleging improper collection or disclosure of information from their websites. A variety of laws and legal claims are used to support the suits. Some lawsuits assert violation of laws that are not […]
ISPs Say 1996 Law Blocks FCC’s New Data Breach Rules
“Telecom companies told the U.S. Court of Appeals for the Sixth Circuit Monday that new Federal Communications Commission data breach rules are too similar to ones nixed by Congress in 2017.” Broadband Breakfast reports: “Congress disapproved the FCC’s earlier 2016 Reporting Rule, and the FCC all but admits that the two rules are nearly identical. […]
Electronic payment firm Slim CD notifies 1.7M customers of data breach
Slim CD is a Florida-headquartered processing gateway that handles electronic payments, including credit card payments for US and Canadian based merchants. On or about June 15, 2024, it detected suspicious activity in its computer environment. SC Media reports that the firm, has notified nearly 1.7 million credit card holders that their data may have been […]
Avis car rental breach affected almost 300,000 customers
If you rented a car from Avis, you may be receiving a notification letter about an August data breach they experienced. Bleeping Computer explains: American car rental giant Avis notified customers that unknown attackers breached one of its business applications last month and stole some of their personal information. According to data breach notification letters sent to […]
Another 947K patient records found to be hacked in MOVEit breach
More than a year after other victims of the MOVEit hacking incident notified people, the the Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying people whose protected health information was acquired by the Clop gang: The MOVEit data breach may be long in the rear-view mirror, but […]
Russian military officers accused of pre-invasion cyberattack on Ukraine
On Thursday, the Department of Justice announced it had unsealed an indictment alleging six Russian nationals with conspiracy to commit computer intrusion and wire fraud conspiracy. Five of the defendants were officers in Unit 29155 of the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces. The […]
Retrospective: 2024 in comprehensive state data privacy law
2024 was an active year for state privacy law. Keir Lamont and David Stauss recap the year for IAPP: By the numbers, 2024 experienced a comparable level of activity to 2023 with seven new states passing comprehensive privacy laws, bringing the total number of state laws to 19 — or 20 depending on whether you […]