Collaborate Disseminate
Christopher Brown reports: SolarWinds Corp. will pay $26 million to settle an investor suit alleging it failed to disclose security vulnerabilities before a massive cyberattack, under an agreement given final approval by a federal court. Investors alle… Continue reading SolarWinds’ $26 Million Deal in Russian-Hack Suit Gets Final Nod
Scott Greenfield comments on a ruling previously noted on this site: In an underappreciated ruling, District of Columbia Judge Amit Mehta ruled that the multinational law firm Covington & Burling must comply with an SEC subpoena requiring the firm … Continue reading Cyberattacks And Compromise of Attorney Client Confidences
The Centers for Medicare and Medicaid (CMS) has posted a notice on its site about a data breach at one of its contractors, Maximus Federal Services, Inc. Maximus was one of hundreds of victims of a 0day attack on MOVEit file transfer software by the Cl… Continue reading Centers for Medicare and Medicaid notifying 645,000 Medicare members about MOVEit breach
In what may be the largest health data breach reported so far in 2023, a government contractor affected by the MOVEit breach disclosed the breach in an SEC filing. ANS reports: Maximus, a US government services contracting company, has confirmed that … Continue reading Health data of more than 8 million people accessed by MOVEit hackers: US govt contractor
Jessica Lynn Hardcastle reports: Public companies that suffer a computer crime likely to cause a “material” hit to an investor will soon face a four-day time limit to disclose the incident, according to rules approved today by the US Securi… Continue reading Crooks pwned your servers? You’ve got four days to tell us, SEC tells public companies
ProPK reports: A fine which may extend to $2 million or an equivalent amount in Pakistani rupees would be levied on those who process or cause to be processed, disseminate, or disclose personal data in violation of any of the provisions of the “Persona… Continue reading Leaking Someone’s Personal Data Will Cost You Up to $2 Million in Pakistan
July 24 — as seen on OM.nl: Analysis of residual information from an investigation into arms trade led to the arrest of a 21-year-old man from Amsterdam at the beginning of this month. The Public Prosecution Service suspects the man of, among oth… Continue reading NL: Investigation into arms trade leads to suspected cybercriminal
Abigail Adcox reports: U.S. District Judge Amit Mehta of the District of Columbia has ruled that Covington & Burling must disclose to the U.S. Securities and Exchange Commission the names of seven clients whose information may have been exposed in … Continue reading In SEC Battle, Covington Ordered to Disclose Names of 7 Clients
On June 23, DataBreaches published the first of a series of interviews with Pepijn Van der Stap, aka “Umbreon.” Van der Stap, 21, was arrested in January and remains in detention, awaiting trial on charges that include hacking, data exfiltr… Continue reading Umbreon Unplugged: Unraveling the Sequel to Failures
The relaxing Sunday I was looking forward to did not quite work out as planned. Dutch researcher and all-around good-guy Jelle Ursem (aka @SchizoDuckie) got in touch with me about what appeared to him to be a sketchy site allegedly by a well-known pres… Continue reading Pointed to a phishing campaign targeting the healthcare sector, Microsoft leaps into action to … not even investigate?!