The Record reports: A lack of liability for software vendors is among the most pressing issues putting Britain’s economic and national security at risk, an influential committee of lawmakers warned on Monday. The report by the Business and Trade Committee says economic threats facing the United Kingdom are “multiplying — and, in the years ahead, will grow […]
Reuters reports: Comcast will pay a $1.5 million fine after a vendor breach exposed personal data from 237,000 current and former customers, the Federal Communications Commission said on Monday. The FCC said a debt collector used by Comcast until 2022, Financial Business and Consumer Solutions, suffered a 2024 data breach that exposed personal information of Comcast […]
Covington and Burling writes: On November 20, 2025, the Securities and Exchange Commission (“SEC”) announced that it was voluntarily dismissing the case it brought against SolarWinds Corp. (“SolarWinds”) and its information security officer, Timothy Brown, regarding the company’s security practices and related statements in connection with the “Sunburst” cybersecurity incident. The SEC stated in a […]
The New York Times reports: Some of the nation’s biggest banks were scrambling on Saturday night to assess the fallout from a large-scale hack of a vendor whose compromise could expose sensitive customer data. The vendor, SitusAMC, has been deployed by hundreds of banks and other lenders to help originate and collect money from real […]
Bleeping Computer reports: American cybersecurity firm CrowdStrike has confirmed that an insider shared screenshots taken on internal systems with hackers after they were leaked on Telegram by the Scattered Lapsus$ Hunters threat actors. However, the company noted that its systems were not breached as a result of this incident and that customers’ data was not […]
The Record reports: Cloud giant Salesforce warned customers of a potential data breach on Wednesday evening after discovering “unusual activity” related to a third-party application called Gainsight. Salesforce posted a message on its website saying an investigation revealed that the activity “may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection.” Gainsight is […]
TORONTO, ON (November 18, 2025) — Ontario and Alberta information and privacy commissioners have released the findings of their investigations into a massive privacy breach involving PowerSchool education technology (edtech) used by schools in their respective provinces. The incident, which affected millions of Canadians across the country, highlights the importance for educational bodies, including school boards, […]
DataBreaches.net reports that Doctor Alliance, a business associate to covered entities in the healthcare sector, recently fell prey to a cyberattack that allegedly comprised 353 GB of patient files. Making matters even worse, after assuring clients that the vulnerability had been addressed and everything was secure, it was attacked again by the same threat actor […]
Mark Rasch writes: When something goes wrong, after exhausting all other possible alternatives, a company may go to its lawyer with the silliest question you can ever ask a lawyer — “Can I sue?” The basic answer is, “if it moves, sue it…” “If it doesn’t move… move it… then sue it…” And when asked, […]
The Record reports: Technology manufacturer Logitech filed documents with the Securities and Exchange Commission (SEC) on Friday about a recent cybersecurity incident that involved a zero-day vulnerability. The company told the SEC that an investigation revealed that hackers exploited a bug “in a third-party software platform and copied certain data from the internal IT system.” “The zero-day […]
