Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to...more
8/20/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
There has been a flurry of reporting in the past few days on the T-Mobile customer data compromise, with allegations that the compromise affected up to 100 million customers. ...more
8/19/2021
/ Cell Phones ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Personally Identifiable Information ,
Popular ,
T-Mobile ,
Telecommunications
CYBERSECURITY -
Cryptoheister(s) Return Stolen Booty -
Cryptocurrency platform Poly Network, which allows users to swap different types of digital tokens, was the victim of a cryptoheist that resulted in the thief...more
8/13/2021
/ Agribusiness ,
COPPA ,
Cryptocurrency ,
Cyber Crimes ,
Cybersecurity ,
Dark Web ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Federal Trade Commission (FTC) ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Ransomware
To establish credibility for their new criminal marketplace, cyber criminals have posted details on over 1,000,000 credit cards, stolen between 2018 and 2019, including card number, CVV number, name and address on the dark...more
In an unusual but significant move, on August 4, 2021, the Federal Trade Commission (FTC) removed Aristotle International from the Children’s Online Privacy Protection Act (COPPA) Safe Harbor List. ...more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
8/4/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Information Technology ,
Microsoft ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Risk Management ,
Vulnerability Assessments
The Florida Department of Economic Opportunity (DEO) recently announced that it discovered on July 16, 2021 that its online unemployment benefit system, CONNECT was compromised, potentially affecting personal information of...more
Mint Mobile notified a “small number” of customers last weekend that their personal information was compromised between June 8 and June 10, when a threat actor ported the phone numbers of those customers to another carrier...more
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian...more
7/16/2021
/ Anti-Money Laundering ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Enforcement Guidance ,
Hackers ,
Information Technology ,
Money Laundering ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Regulatory Reform ,
Risk Management ,
Virtual Currency
CYBERSECURITY -
Law Enforcement Takes Down DoubleVPN -
I love seeing another win for law enforcement in the cyber context. Servers and web domains owned by DoubleVPN, a virtual private network, were seized recently...more
7/2/2021
/ Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Microsoft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Scams ,
Volkswagen
University Medical Center in Las Vegas announced that it recently became the victim of a ransomware attack by REvil, a well-known threat actor that has attacked many hospitals and health systems with the Sodinokibi malware...more
Although a security researcher has confirmed that LinkedIn users’ data, including full names, gender, email addresses, telephone numbers, and industry information is for sale on RaidForums by a hacker self-dubbed “GOD User...more
7/1/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Hackers ,
Information Technology ,
LinkedIn ,
Personally Identifiable Information ,
Phishing Scams
CYBERSECURITY -
Fertility Clinic in Georgia Notifies Patients of Data Breach -
Reproductive Biology Associates, LLC (RBA) and its affiliate, MyEggBank, notified approximately 38,000 patients that a data breach...more
Maximus, a contractor of the State of Ohio’s Medicaid program reported this week that it experienced a data breach that exposed Medicaid health providers’ names, dates of birth, Social Security numbers, addresses, and other...more
Reproductive Biology Associates, LLC (RBA) and its affiliate, MyEggBank, notified approximately 38,000 patients that a data breach involving a ransomware attack had exposed the patients’ full names, addresses, Social Security...more
6/24/2021
/ Clinical Laboratory Testing ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Fertility Treatments ,
Hackers ,
Health Care Providers ,
Information Technology ,
Personally Identifiable Information ,
Popular ,
Ransomware
People always ask me if law enforcement is having any luck in combatting cyber criminals. Let me be clear: it is a very tough job to take down cyber criminals located in other countries or sponsored by foreign nations. Our...more
6/18/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Hackers ,
Personally Identifiable Information ,
Ransomware ,
User Login Credentials
Ever since the enactment of the Illinois Biometric Information Privacy Act (BIPA), we have been watching the development of laws around the collection, use, disclosure and retention of biometric information....more
6/10/2021
/ Biometric Information ,
Biometric Information Privacy Act ,
Compliance Management Systems ,
Consumer Privacy Rights ,
Data Collection ,
Employee Privacy Rights ,
Employer Liability Issues ,
Facial Recognition Technology ,
Fingerprints ,
Personal Data ,
Personally Identifiable Information
If you have been following Verizon’s annual data breach investigation reports like I have over the years, you get excited when the new one comes out. If you have never read the report, now’s your chance, as the 2021 report...more
CYBERSECURITY -
Coveware Q1 2021 Report Shows Increase in Ransomware Payments Over Q4 2020 Coveware issued its Q1 2021 -
Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues...more
5/7/2021
/ Apple ,
Contact Tracing ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Drones ,
Girl Scouts ,
Kroger ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware
Coveware issued its Q1 2021 Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues to be prevalent and we have reached an inflection point where the vast majority of ransomware...more
Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of...more
5/6/2021
/ Contact Tracing ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Medical Records ,
Hackers ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Vendor Contacts ,
Vendors
CYBERSECURITY -
Eversource Energy Notifies Customers of Data Breach -
Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New...more
4/30/2021
/ Apple ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
iPhone ,
NYDFS ,
Personally Identifiable Information ,
Ransomware ,
SolarWinds
Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New Hampshire, is notifying customers that their personal information was compromised on an...more
This week, the New York State Department of Financial Services (NYDFS) issued the Report on the SolarWinds Cyber Espionage Attack and Institutions’ Response....more
4/30/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Security ,
Financial Institutions ,
Hackers ,
Information Sharing ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Russia ,
SolarWinds
CYBERSECURITY -
NSA Issues New Warning About Four Critical Patches to Microsoft Exchange Servers -
The National Security Agency (NSA) recently issued a warning to private industry about four zero-day vulnerabilities in...more
4/23/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Facebook Inc v Duguid ,
Hackers ,
National Security Agency (NSA) ,
NBA ,
NYDFS ,
Personally Identifiable Information ,
Ransomware ,
SCOTUS