Collaborate Disseminate
Lord cleaned up the Democratic Party’s cybersecurity practices in the aftermath of the 2016 hacks.
The post Former DNC security officer Bob Lord joins CISA appeared first on CyberScoop.
Continue reading Former DNC security officer Bob Lord joins CISA
Every massive breach comes with a trail of lawsuits and regulatory ramifications that can last for years. Home Depot, for instance, only last month settled with a group of state attorneys general over its 2014 breach. The SolarWinds security incident that U.S. officials have pinned on state-sponsored Russian hackers is unlike anything that came before, legal experts say, meaning the legal liability could take even longer to resolve in court. As Congress, federal government departments and corporations reckon with the vast sweep of the SolarWinds breach, there are still many more questions than answers. Fewer pieces of it are less certain than how it might play out in court, where companies and individuals alike stand to gain or lose. Many millions of dollars, corporate blame and years of finger-pointing are on the line. That’s because the targets — government agencies, and some major companies — aren’t the usual kind of […]
The post SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage? appeared first on CyberScoop.
Continue reading SolarWinds hack spotlights a thorny legal problem: Who to blame for espionage?
Plaintiffs suing Yahoo for failing to protect all of the company’s 3 billion users can move forward with the majority of their case, a federal judge in California ruled on Friday. U.S. District Judge Lucy Koh denied in part a motion by Verizon, which owns Yahoo, to dismiss the case. The plaintiffs are claiming that Yahoo was too slow to correct security vulnerabilities, as well as disclose three data breaches between 2013 and 2016. Since Yahoo’s breaches affected virtually every user, the plaintiffs are seeking class certification. “Plaintiffs explain that, had they known about the inadequacy of these security measures, they ‘would have taken measures to protect themselves,’” Koh writes in the ruling. “Plaintiffs’ allegations are sufficient to show that they would have behaved differently had Defendants disclosed the security weaknesses of the Yahoo Mail system.” The plaintiffs argue that the breaches have put them at risk of identity theft and forced them to spend time […]
The post Victims can sue Yahoo for massive breaches, federal judge says appeared first on Cyberscoop.
Continue reading Victims can sue Yahoo for massive breaches, federal judge says
U.S. officials will be indicting four people in connection to the cyberattacks against Yahoo that compromised information related to 1 billion user accounts, according to multiple reports. The Department of Justice is said to target one individual based in Canada and three based in Russia, according to a Bloomberg report. An arrest of the Canadian person could happen as soon as Tuesday. The Department of Justice is holding a press conference Wednesday in Washington, D.C., to announce the indictment. It was revealed in October that user details from more than 500 million Yahoo accounts — including names, birth dates and encrypted passwords — were stolen nearly two years ago by state-sponsored hackers. Email addresses “and, in some cases, encrypted or unencrypted security questions and answers” were also included in the stolen data, but not payment card data or bank account information, which was stored in a separate system. Yahoo then disclosed in December another security incident […]
The post Justice Dept. to charge four over Yahoo mega-breaches appeared first on Cyberscoop.
Continue reading Justice Dept. to charge four over Yahoo mega-breaches
U.S. officials will be indicting four people in connection to the cyberattacks against Yahoo that compromised information related to 1 billion user accounts, according to multiple reports. The Department of Justice is said to target one individual based in Canada and three based in Russia, according to a Bloomberg report. An arrest of the Canadian person could happen as soon as Tuesday. The Department of Justice is holding a press conference Wednesday in Washington, D.C., to announce the indictment. It was revealed in October that user details from more than 500 million Yahoo accounts — including names, birth dates and encrypted passwords — were stolen nearly two years ago by state-sponsored hackers. Email addresses “and, in some cases, encrypted or unencrypted security questions and answers” were also included in the stolen data, but not payment card data or bank account information, which was stored in a separate system. Yahoo then disclosed in December another security incident […]
The post Justice Dept. to charge four over Yahoo mega-breaches appeared first on Cyberscoop.
Continue reading Justice Dept. to charge four over Yahoo mega-breaches