Ninth Circuit Hands Users A Big Win: Californians Can Sue Out-of-State Corporations That Violate State Privacy Laws
The Electronic Frontier Foundation (EFF) announced the court win:
Yemeni Man Charged in Federal Indictment Alleging He Sent ‘Black Kingdom’ Malware to Extort Businesses, Schools, and Medical Clinics
May 1, 2025. A press release from the U.S. Attorney’s Office for the Central District of California: LOS ANGELES – A Yemeni national was charged today in a three-count federal grand jury indictment alleging he deployed the so-called “Black Kingdom” ransomware against computer servers owned organizations worldwide, including businesses, schools, and hospitals in the United States, […]
Raytheon Companies and Nightwing Group to Pay $8.4M to Resolve False Claims Act Allegations Relating to Non-Compliance with Cybersecurity Requirements in Federal Contracts
A press release from the Department of Justice
Texas HHSC Notifies Additional Individuals Regarding Wrongdoing by Employees
Texas Health and Human Services Commission April 30, 2025 AUSTIN – The Texas Health and Human Services Commission is notifying an additional 33,529 recipients of agency services and other affected individuals that their protected health, personal identifying or sensitive personal information may have been inappropriately accessed, used or disclosed. As a result of an internal […]
Ctrl+Alt+Disaster: How Oracle techies ‘wrong click’ brought 45 out of 72 CHS hospitals to their knees for 5 days
The Economic Times reports: A software malfunction triggered by Oracle engineers led to a five-day outage at multiple Community Health Systems (CHS) hospitals last week, forcing several facilities to switch to paper records after losing access to their digital systems. The disruption began on 23 April during scheduled maintenance, when Oracle personnel mistakenly deleted storage […]
VeriSource now says February data breach impacts 4 million people
Bleeping Computer reports: Employee benefits administration firm VeriSource Services is warning that a data breach exposed the personal information of four million people. VeriSource is a Texas-based employee benefits administration and HR outsourcing solutions provider with diverse clients across the U.S. The firm has begun data breach notifications to impacted individuals about a cybersecurity incident […]
Marks & Spencer breach linked to Scattered Spider ransomware attack
Bleeping Computer reports: Ongoing outages at British retail giant Marks & Spencer are caused by a ransomware attack believed to be conducted by a hacking collective known as “Scattered Spider” BleepingComputer has learned from multiple sources. Marks & Spencer (M&S) is a British multinational retailer that employs 64,000 employees and sells various products, including clothing, food, […]
DragonForce expands ransomware model with white-label branding scheme
Bleeping Computer reports: The ransomware scene is re-organizing, with one gang known as DragonForce working to gather other operations under a cartel-like structure. DragonForce is now incentivizing ransomware actors with a distributed affiliate branding model, providing other ransomware-as-a-service (RaaS) operations a means to carry out their business without dealing with infrastructure maintenance cost and effort. […]
The Sophos Annual Threat Report: Cybercrime on Main Street 2025
Sophos writes: Read more at Sophos.
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here are key takeaways
Risky Biz News reports: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. […]