Collaborate Disseminate
Thomas Brewster reports: A hacker told the FBI earlier this year that he sold access to the personal data of Marriott hotel customers on a Russian forum, according to a search warrant obtained by Forbes. He also hacked into a number of U.S. state death… Continue reading A Hacker Faked His Own Death–Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says
On November 12, DataBreaches published an OpEd, If entities continue to obfuscate and lie, it’s time to mandate more transparency in breach disclosures. Today, we post another example of why we need to legislate and enforce data breach notification law… Continue reading Does claiming you were hacked when you had really just screwed up violate the FTC Act?
Jennifer LaGrassa reports: For the first time, top leadership from the five southwestern Ontario hospitals hit by a ransomware attack answered questions from the media — acknowledging the significant impact the incident has had on care, as well as the … Continue reading CEOs of Ontario hospitals hit by ransomware attack provide updates on impact and look for no ransom payment legislation
Hunton Andrews Kurth writes: Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking … Continue reading Australian Privacy Regulator Sues in MedLab Pathology Data Breach Case
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York… Continue reading States settle with Morgan Stanley for $6.5 million over data security incidents
Today, CISA released the Mitigation Guide: Healthcare and Public Health (HPH) Sector as a supplemental companion to the HPH Cyber Risk Summary, published July 19, 2023. This guide provides defensive mitigation strategy recommendations and best practice… Continue reading CISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) Sector
Brian Krebs reports: Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. … Continue reading Alleged Extortioner of Psychotherapy Patients Faces Trial
TLP:CLEAR Product ID: AA23-320A November 16, 2023 SUMMARY The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scat… Continue reading CISA Advisory: Scattered Spider
Earlier today, AlphV added MeridianLink to their leak site. MeridianLink (MLNK) is the provider of a loan origination system and digital lending platform for financial institutions. AlphV’s listing has been temporarily removed to be updated, but … Continue reading AlphV files an SEC complaint against MeridianLink for not disclosing a breach to the SEC (2)
Zeba Siddiqui, Christopher Bing, and Raphael Satter report: The U.S. Federal Bureau of Investigation (FBI) has struggled to stop a hyper-aggressive cybercrime gang that’s been tormenting corporate America over the last two years, according to nin… Continue reading FBI knows identities of some U.S. members of “Scattered Spider,” but no arrests so far?