Researchers at Palo Alto Network have reported a serious risk to organizations using cloud services that may result in an organization’s files being deleted and held for ransom. The risk is not due to any vulnerability with the cloud services themselves. The risk is due to the victim organizations misconfiguring their settings and inadvertently exposing […]
In April 2024, AT&T learned that its customer data had been exfiltrated from its Snowflake workspace. The breach affected 90 million or more customers’ call and text histories recorded during a six-month period in 2022. The following is a press release from Senator Chuck Grassley:
IBM’s new cost of a data breach report is out, and the numbers are not encouraging. By the numbers: $4.88 million — The global average cost of a data breach in 2024—a 10% increase over last year and the highest total ever. The highest average cost was $9.77 million for the healthcare sector. The industrial sector […]
“What will it take for victims of ransomware, extortion and other types of cybercrime to stop directly funding their attackers?” That’s the great question posed by BankInfoSecurity after WIRED reported AT&T paid hackers $370,000 to delete the data they had stolen. BankinfoSecurity reports: How many of the approximately 165 victims of the campaign targeting Snowflake […]
Despite some calls to ban ransomware payments in hopes that criminals will abandon financially motivated ransomware attacks, finding a way to get everyone to comply with any such ban has seemed challenging, to say the least, and there has been a lot of pushback. Now, one more expert with clout has suggested that the idea […]
The Supreme Court issued a decision today that could limit federal agencies attempting to impose fines for data security violations or breaches. Although the decision in Securities and Exchange Commission v. Jarkesy did not involve data security or a data breach, the issue before the court involved the agency’s authority to charge someone with a violation […]
Researchers at Sentinel Labs and Recorded Future report that Chinese-linked cyberespionage campaigns are increasingly deploying ransomware. CyberScoop reports that their research suggests that ransomware is reportedly used in the final stage of cyberespionage operations to either make money, distract adversaries, or make it more difficult to attribute their work: The report that Chinese hackers are […]
Hariom Seth, the founder of Tagglabs, writes: Any company handling data is susceptible to data breaches. IBM in 2023 conducted a study of 553 companies on the cost of data breaches, according to which a majority of organisations within the study had at least 1 major data breach in the past year. Healthcare was the […]
Information Week recently reported on an interesting panel at the RSA conference in San Francisco: Patricia Titus, chief information security officer (CISO) of Booking Holdings Inc., moderated the panel “Life After the Breach: A Survivor’s Guide.” The panelists included Tim Crothers, CISO of Mandiant; Russ Ayres, SVP and deputy CISO of credit bureau Equifax; and […]
Federal Court Rejects Motion to Dismiss Wiretap Claims Using HIPAA to Support Crime-Tort Exception Allegations
If you feel like you need an explanation of the headline, you are not alone. But BCLP explains the concept and court decisions: It has now become commonplace for Plaintiffs’ attorneys to bring claims alleging that routine marketing techniques, including the deployment of behavioral advertising cookies and pixels, constitute wiretaps in violation of state and […]