Collaborate Disseminate
Margi Murphy and Brian Platt report: Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., according to people familiar with the matter. Following a request from the U… Continue reading Canada Arrests Man Suspected of Hacks of Snowflake Customers
On October 29, the Fourth Circuit Court of Appeals heard oral arguments in the government’s appeal of Conor Brian Fitzpatrick’s sentence. At issue was whether District Court Judge Leonie M. Brinkema had abused her discretion in sentencing … Continue reading Fourth Circuit hears oral arguments about the sentencing of “Pompompurin”
HHS OCR announced a second ransomware investigation settlement today. This one involved Bryan County Ambulance Authority (BCAA), a provider of emergency medical services in Oklahoma. The Bryan County Ambulance Authority breach occurred in November 202… Continue reading HHS Office for Civil Rights Settles HIPAA Ransomware Cybersecurity Investigation for $90,000
Over on Infosec.Exchange, Wendy Nather mentioned an open letter that is noteworthy for its approach to improving cybersecurity. The letter to presidential candidates’ transition teams, relevant federal agencies, and members of Congress begins: Th… Continue reading Open Letter to Prioritize Community Cybersecurity
How many data breaches can an entity have before either some regulator steps in with a corrective action plan or something happens to reduce the likelihood of more breaches? Consider the following: Breach # 1 On February 22, 2022, Minuteman Senior Ser… Continue reading How many similar breaches can one entity have in one year before regulators do something?
In April 2023, DataBreaches reported two ransomware groups had each listed Albany ENT & Allergy Services (AENT) on their respective leak sites. But one month later, when AENT sent notifications to regulators and 224,486 affected employees and pati… Continue reading Albany ENT & Allergy Services settles state charges stemming from two patient data breaches; agrees to spend $2.25M on security program
AUSTIN, Texas – The Department of Justice joined the Netherlands, Belgium, Eurojust and other partners in announcing an international disruption effort against the current version of RedLine Infostealer, one of the most prevalent infostealers in the wo… Continue reading U.S. Joins International Action Against RedLine and META Infostealers; unseals charges against Maxim Rudometov
From Operation Magnus: On the 28th of October 2024 the Dutch National Police, working in close cooperation with the FBI and other partners of the international law enforcement task force Operation Magnus, disrupted operation of the Redline and Meta inf… Continue reading Operation Magnus disrupts Redline and Meta infostealers
On October 23, the Personal Data Protection Commission of Singapore issued three undertakings with the follow statement: The new Undertakings reveals breaches stemming from various ransomware attacks due to the insufficient security IT measures impleme… Continue reading Personal Data Protection Commission of Singapore issues three undertakings stemming from ransomware attacks
Washington D.C., Oct. 22, 2024 — The Securities and Exchange Commission today charged four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Technologies Ltd, and Mimecast Limited – with making materially mi… Continue reading SEC Charges Four Companies With Misleading Cyber Disclosures