Two Men Sentenced to Prison for Aggravated Identity Theft and Computer Hacking Crimes
A press release from the U.S. Attorney’s Office, Eastern District of New York:
California Court Holds Defendants Liable for Fraudulent Wire Transfer
If a firm falls for a business email compromise or fraud and wires payment to a fraudster, it will still have to pay the correct party. From the Proskauer law firm, a post about a recent case: A case of first impression decided by the California Court of Appeal, Fourth Appellate District demonstrates the high […]
North Dakota Enacts Financial Data Security and Data Breach Notification Requirements
The Hunton Andrews Kurth law firm has posted a summary of new law in North Dakota that affects financial corporations: On April 11, 2025, the North Dakota governor signed H.B. 1127 (the “Act”), which establishes new data security measures and breach notification obligations for financial corporations. Covered entities include those that are regulated by the North Dakota […]
Hogan Lovells Asia-Pacific Data, Privacy and Cybersecurity Guide 2025
Hogan Lovells has released a new guide exploring data protection and security developments in the APAC area. The guide reviews: Download the Asia-Pacific Data, Privacy, and Cybersecurity Guide 2025.
Mid-year State Privacy and Enforcement Updates
James Sherer of BakerLaw recently sent out an interesting email update on state laws, which we are passing along to our readers: If you would like to receive the firm’s CLE/weekend update emails, reach out to jsherer@bakerlaw.com.
Australian ransomware victims now must tell the government if they pay up
The Record reports: Australia became on Friday the first country in the world to require victims of ransomware attacks to declare to the government any extortion payments made on their behalf to cybercriminals. The law, initially proposed last year, only applies to organizations with an annual turnover greater than AUS $3 million ($1.93 million) alongside a smaller […]
US medical org pays $50M+ to settle case after crims raided data and threatened to swat cancer patients
The Register reports: A Seattle cancer facility has agreed to fork out around $52.5 million as part of a class action settlement linked to a Thanksgiving 2023 cyberattack where criminals directly threatened cancer patients with swat attacks. The Fred Hutchinson Cancer Center (Fred Hutch) disclosed its November 2023 attack a month later, after it confirmed […]
Banks Want SEC to Rescind Cyberattack Disclosure Requirements
PYMNTS reports: American banking groups want the Securities and Exchange Commission (SEC) to revoke its cybersecurity incident disclosure requirements. These groups, led by the American Bankers Association (ABA), wrote to the SEC last week, contending that disclosing cybersecurity incidents “directly conflicts with confidential reporting requirements intended to protect critical infrastructure and warn potential victims.” Joining the ABA were the Securities Industry […]
Digital espionage and more forms of espionage are now also criminal offenses under Dutch law
The Netherlands added a new criminal provision to its criminal code. The provision went into effect on May 15. As seen on the government’s website: More forms of espionage, such as digital and diaspora espionage, are to be a criminal offence from 15 May onwards. To achieve this a new criminal provision is being added […]
FTC Fines GoDaddy for Weak Security, Data Breaches
The Southern Maryland Chronicle reports: The Federal Trade Commission finalized a settlement with GoDaddy on May 23, 2025, addressing allegations that the web hosting provider misled consumers about its data security practices, leading to multiple data breaches. The order, approved unanimously by a 3-0 vote, mandates significant security upgrades and prohibits GoDaddy from making false […]