Collaborate Disseminate
When the arrest of Conor Fitzpatrick, aka “Pompompurin,” was made known on March 17, 2023, the members of Breached.vc (“BreachForums”) were shocked to learn from court filings how poor their forum owner’s OpSec was and th… Continue reading Owner of BreachForums pleads guilty in federal court to a charge that shocks everyone
Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the breach, a federal appeals court said. Plaintiff Alexsis Webb plausibly alleged an injury-in-fact su… Continue reading Breach Victims Have Standing When Data Misused, 1st Circuit Says
There is an enforcement update to an incident noted on this site in 2018. The incident that involved New England Dermatology P.C., d/b/a New England Dermatology and Laser Center (“NDELC”) was summarized by HHS in their resolution agreement and correcti… Continue reading OCR Settles Case Involving Decade-Long Improper Disposal of Protected Health Information
FE Digital Currency reports: South Korea’s Financial Services Commission (FSC) has reported 16 foreign crypto exchanges to investigative agencies for violating the Specific Financial Information Act, Cryptoslate reported quoting news1. As per the repor… Continue reading South Korea to ban 16 unregistered overseas crypto exchanges
Jim Nash reports: A U.S. consumer finance regulator has published a circular warning that insufficient security for consumer biometric and other personal data is illegal under federal law. Multi-factor authentication is singled out as a method of makin… Continue reading US regulator urges MFA and puts banks on notice – not reasonably protecting data is illegal
Mike Masnick writes: If you accidentally leave your Google Drive accessible to anyone with the URL, and someone goes there and deletes stuff, is that “unauthorized access” and a violation of the CFAA? To me, the answer should be absolutely not. But in … Continue reading Dangerous Ruling Says If Someone Goes Onto Your Openly Shared Google Drive, You Can Sue Them For Unauthorized Access
CafePress Must Bolster Data Security Protections, Pay Half a Million Dollars The Federal Trade Commission finalized an order against CafePress over allegations that it failed to secure consumers’ sensitive personal data including Social Security number… Continue reading FTC Finalizes Action Against CafePress for Covering Up Data Breach, Lax Security
Scoop News Group is thrilled to announce the 2022 Best Bosses in Federal IT.
The post FedScoop announces the Best Bosses in Federal IT 2022 appeared first on CyberScoop.
Continue reading FedScoop announces the Best Bosses in Federal IT 2022
Brian Krebs writes: The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. Th… Continue reading What Counts as “Good Faith Security Research?”
Hunton Andrews Kurth writes: On June 1, 2022, Thailand’s Personal Data Protection Act (“PDPA”) entered into force after three years of delays. The PDPA, originally enacted in May 2019, provides for a one-year grace period, with the main operative provi… Continue reading Thailand’s Personal Data Protection Act Enters into Force