Litigation and legal developments concerning data breaches.
The Department of Justice announced yesterday the seizure of the LeakBase database, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. According to an affidavit unsealed on March 3, the LeakBase forum had over 142,000 members and more than 215,000 messages between members. Available on the […]
From the Hunton Insurance Recovery Blog: In the rarely litigated space of cyber insurance, the Northern District of Texas issued a win for cyber policyholders this week, offering a clear reminder to insurers that if they want to restrict coverage, they must draft the policy to clearly do so. In CiCi Enterprises, LP v. HSB Specialty […]
If a bill introduced in the Connecticut Senate ever becomes law, there will be new requirements for entities whose breaches affect more than 100,000 Connecticut residents. As attorneys from Ballard & Spahr explain: Read more at JD Supra. The second provision above is certain to raise a lot of concerns and opposition. The language of […]
Insurance Business Magazine reports: Digital medicines platform MediMap is seeking urgent court orders in New Zealand after an individual claiming to be behind a cyber incident circulated what appears to be patient information to news organisations – an incident that is drawing attention to cyber risk, privacy exposure, and the role of cyber insurance across […]
Bank InfoSecurity has an update on the Norton Healthcare breach in 2023: Norton Healthcare, which operates nine hospitals and 480 other care facilities in Kentucky and Indiana, has agreed to pay $11 million to settle class action litigation triggered by a 2023 data theft attack by ransomware-as-a-service gang Alphv/BlackCat that affected nearly 2.5 million people. […]
The Record reports: A 47-year-old man was arrested in Poland for his alleged involvement with the Phobos ransomware operation. … Phobos was a ransomware gang that attacked more than 1,000 organizations worldwide, targeting hospitals, schools, government agencies and more. U.S. prosecutors previously said operators of Phobos and a related strain called 8Base collected upwards of […]
Bleeping Computer reports: South Korea has fined luxury fashion brands Louis Vuitton, Christian Dior Couture, and Tiffany $25 million for failing to implement adequate security measures, which facilitated unauthorized access and the exposure of data belonging to more than 5.5 million customers. All three brands are part of the Louis Vuitton Moët Hennessy (LVMH) group […]
A press release from the Texas State Attorney General: Attorney General Ken Paxton issued Civil Investigative Demands (“CIDs”) to Blue Cross Blue Shield of Texas (“BCBS”) and Conduent Business Services LLC (“Conduent”), demanding documents and information pertinent to the investigation of the Conduent data breach that exposed the sensitive personal data of approximately four million […]
TechCrunch reports: Coupang’s massive data breach in South Korea has now become a geopolitical flashpoint as a growing number of the company’s U.S. investors take legal action against the South Korean government. What began as a regulatory investigation into data security failures has expanded into a broader dispute over alleged unfair treatment of the U.S.-headquartered company. While […]
Top Class Actions reports: Read more at Top Class Actions. The official settlement website has not been posted yet. All consumers should be alert to the possibility that you may receive scam or phishing attempts claiming you are entitled to a settlement. Wait for the official settlement site to learn how class members are being […]
