Collaborate Disseminate
Mark P. Henriques of Womble Bond Dickinson has a content-rich post for defense lawyers: Class actions arising from data breach represented the fastest growing segment of class action filings. In 2023, more than 2000 class actions were filed, more than … Continue reading Defending Data Breach Class Actions
Abdulrahman H. Alamri and Lexie Mooney of Dragos write: The third quarter (July – September) of 2024 brought transformative shifts to the ransomware landscape, emphasizing its dynamic and continuously evolving nature. The ransomware threat ecosystem re… Continue reading Dragos Industrial Ransomware Analysis: Q3 2024
Jonathan Greig reports: Federal civilian agencies were ordered to secure their Microsoft cloud systems after several recent cyber incidents. The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding directive on Tuesday giving federa… Continue reading CISA orders federal agencies to secure Microsoft cloud systems after ‘recent’ intrusions
DataBreaches will leave it to others to critique Byte Federal’s data security prior to their reported incident(s), but DataBreaches is giving them a huge “bravo!” for their detailed disclosure that explains, to the best of their knowl… Continue reading A positive example of forthright breach disclosure
Aaron Sanderford reports: Nebraska on Monday became the first state to sue Tennessee-based Change Healthcare over the company’s massive data breach that cost at least 575,000 Nebraskans their personal information and medical records. … The breach… Continue reading Nebraska AG becomes first state to sue Change Healthcare over massive data breach
Aimee Ortiz reports: The personal and private information of possibly hundreds of thousands of people who applied for government assistance in Rhode Island could be in the hands of hackers after a huge cyberattack, state officials said on Friday. The c… Continue reading Rhode Island Residents’ Data Breached in Large Cyberattack; Data May Be Leaked Soon
Jeremiah Fowler discovered a non-password-protected database that contained more than 4.8 million records belonging to Care1 — a Canadian company offering AI software solutions to support optometrists in delivering enhanced patient care: The publicly e… Continue reading No need to hack when it’s leaking, Canadian edition: Care1
A press release from Dutch Politie: Starting this week, law enforcement agencies from fifteen different countries, together with Europol, are once again taking large-scale action against DDoS-for-hire services. In Operation PowerOFF, three arrests were… Continue reading Global Police Action Against DDoS Attackers: Operation PowerOFF
The following announcement by HHS OCR stems from an accidental exposure of protected health information online that continued for several years. Inmediata’s incident resulted in a class action lawsuit that was settled for $1.1 million in 2022, an… Continue reading HHS OCR settles charges that Inmediata Health Group exposed 1.6 million patients’ PHI online
Carly Page reports: Security researchers are warning that hackers are actively exploiting another high-risk vulnerability in a popular file transfer technology to launch mass hacks. The vulnerability, tracked as CVE-2024-50623, affects software develop… Continue reading Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again