Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach
Baker Donelson writes: Read more at JDSupra. \
Legal aid hack: data from hundreds of thousands of people accessed, says Ministry of Justice
The Guardian reports that a significant cyberattack affecting the Legal Aid Agency in the UK affects both legal aid applicants and legal aid providers: The personal data of hundreds of thousands of legal aid applicants in England and Wales dating back to 2010, including criminal records and financial details, has been accessed and downloaded in a “significant” […]
Breachforums Boss to Pay $700k in Healthcare Breach
Brian Krebs reports: In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick, a.k.a. “Pompompurin,” is slated for resentencing next month […]
Japan enacts new Active Cyberdefense Law allowing for offensive cyber operations
The Record reports that Japan has enacted a new law that permits the country’s authorities to preemptively engage with adversaries through offensive cyber operations to prevent significant damage to the country: The new Active Cyberdefense Law mirrors recent reinterpretations of Article 9, providing Japan’s Self-Defence Forces with the right to provide material support to allies […]
New York Tightens the Breach Clock: 30 Days to Notify
As seen at Corporate Compliance Insights: Organizations handling New Yorkers’ data now face one of the country’s shortest breach notification deadlines. Morrison Foerster attorneys Melissa Crespo and Reiley Porter break down the state’s recent amendments that impose a 30-day notification requirement and expand protected information categories to include medical and health insurance data. Recent amendments […]
Charlotte Clinic Owner Agrees To Settle Allegations Of Medicaid Fraud
A press release from the U.S. Attorney’s Office, Western District of North Carolina: CHARLOTTE, N.C. – Steven Osbey, of Kernersville, N.C., has agreed to entry of a consent judgment against him in the amount of $4,711,159.00 in favor of the United States and State of North Carolina (the Governments), subject to a separate agreement regarding […]
Ninth Circuit Hands Users A Big Win: Californians Can Sue Out-of-State Corporations That Violate State Privacy Laws
The Electronic Frontier Foundation (EFF) announced the court win:
New York’s Latest Cyber Rules Pressure Small Companies, Vendors
Bloomberg Law reports: As another cybersecurity compliance deadline hits in New York, the impact may be most deeply felt by smaller companies—as well as vendors and other businesses outside the financial sector that technically aren’t within scope of the regulation. The New York Department of Financial Services’ (NYDFS) latest Cybersecurity Regulation amendments go into effect […]
Raytheon Companies and Nightwing Group to Pay $8.4M to Resolve False Claims Act Allegations Relating to Non-Compliance with Cybersecurity Requirements in Federal Contracts
A press release from the Department of Justice
North Dakota Expands Data Security Requirements
Seen on The National Law Review: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated by the Department of Financial Institutions […]