CYBERSECURITY -
Joint Advisory Warns of Snatch Ransomware -
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of...more
CYBERSECURITY -
Joint Commission Issues Alert on Patient Safety After a Cyber-Attack -
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,”...more
BNSF Railway, previously hit with a $228 million jury award for violating the Illinois Biometric Information Privacy Act (BIPA) when collecting fingerprints of employees, was recently awarded a new trial to determine damages....more
7/10/2023
/ Biometric Information ,
Biometric Information Privacy Act ,
BNSF Railway ,
Calculation of Damages ,
Damages ,
Data Collection ,
Data Privacy ,
Employer Liability Issues ,
Employment Litigation ,
Fingerprints ,
New Trial ,
Personal Data ,
Personally Identifiable Information
Montana Governor Greg Gianforte has signed SB 351, the Genetic Information Privacy Act (GINA), which “requires an entity to provide consumer information regarding the collection, use, and disclosure of genetic data; providing...more
On January 22, 2023, T-Mobile was sued in federal court in California alleging negligence, unjust enrichment, breach of express contract, breach of implied contract, and invasion of privacy over the recently-disclosed data...more
1/26/2023
/ Breach of Implied Contract ,
Cyber Attacks ,
Data Breach ,
Data Protection ,
Express Contract Terms ,
Invasion of Privacy ,
Negligence ,
Personally Identifiable Information ,
T-Mobile ,
Telecommunications ,
Unjust Enrichment ,
Wireless Industry
Israeli cybersecurity firm Hudson Rock has reported that the email addresses of more than 235 million Twitter users have been stolen and posted by more than one hacker on an online hacking forum. According to the security...more
CYBERSECURITY -
CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors -
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
10/21/2022
/ Artificial Intelligence ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Employee Monitoring ,
Geolocation ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Robots
CYBERSECURITY -
FBI Issues Notice to Health Industry Highlighting Risks of Unpatched Medical Devices -
The FBI issued a Private Industry Notification targeted to the health care sector on September 12, 2022, warning...more
9/19/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
FBI ,
Hackers ,
Identity Theft ,
Online Safety for Children ,
Personally Identifiable Information ,
Vulnerability Assessments
CYBERSECURITY -
Twilio Hit with Social Engineering Smishing Scheme -
We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user...more
8/12/2022
/ Artificial Intelligence ,
Class Action ,
Cyber Attacks ,
Data Breach ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Identity Theft ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Social Engineering
CYBERSECURITY -
New York DFS Fines Robinhood $30M for “Significant” Cybersecurity Violations -
The New York Department of Financial Services (DFS) announced its first ever penalty against a cryptocurrency platform...more
8/4/2022
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Drones ,
Federal Aviation Administration (FAA) ,
Financial Services Industry ,
Mobile Apps ,
NYDFS ,
Personally Identifiable Information ,
Robinhood Financial ,
Scams
What is Neopets you ask? It is a virtual pet website that gives members the ability to “own, raise, and play games with their virtual pets.” According to BleepingComputer, Neopets has experienced a data breach that has...more
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number...more
Ramping up the state’s continued focus on data privacy, on June 8, 2022, Colorado Governor Jared Polis signed legislation aimed at limiting the use of facial recognition technology by government agencies and state...more
6/16/2022
/ Biometric Information ,
Civil Liberties ,
Colorado ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Educational Institutions ,
Facial Recognition Technology ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Reform ,
Students
CYBERSECURITY -
Verizon’s 2022 Data Breach Investigations Report: A Must Read -
I love Verizon’s annual Data Breach Investigations Report (DBIR). I have pored over its content every year since its inception in 2008. (Just...more
6/3/2022
/ California Privacy Rights Act (CPRA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Enforcement Actions ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Regulatory Reform ,
Vulnerability Assessments
The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware attack against a technology...more
The American Civil Liberties Union (ACLU) filed suit against Clearview AI, Inc. (Clearview AI) in March 2020, alleging that it violated the Illinois Biometric Information Privacy Act (BIPA) by capturing and using billions of...more
5/13/2022
/ American Civil Liberties Union (ACLU) ,
Artificial Intelligence ,
Biometric Information ,
Biometric Information Privacy Act ,
Clearview AI ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Facial Recognition Technology ,
Personally Identifiable Information ,
Settlement Agreements ,
Statutory Violations
CYBERSECURITY -
Education Sector Continues to Get Hit with Ransomware Attacks -
According to Emsisoft, the education sector continues to experience ransomware attacks, with a whopping 1,043 schools affected by ransomware...more
5/6/2022
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Mobile Apps ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Vulnerability Assessments
I traveled this week by plane to a client to conduct a cybersecurity tabletop exercise—one of my favorite things to do (the tabletop, not the flying). -
To be able to use the wi-fi, everyone instructed in the gate area was...more
CYBERSECURITY -
Intelligence Points to Likely Russian Attacks on Critical Infrastructure -
The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
4/22/2022
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Hackers ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Russia ,
Scams ,
Ukraine
Okta, which markets itself as a “leading provider of identity” in the healthcare, public sector, energy, financial services, technology, travel and hospitality, and nonprofit industries, has notified some of its customers...more
Indiana has amended its breach notification law to require entities to notify individuals “without unreasonable delay, but not more than forty-five (45) days after the discovery of the breach.” It clarifies that a delay is...more
Governor Mark Gordon signed the Wyoming Genetic Data Privacy Act into law on March 8, 2022. The law goes into effect on July 1, 2022.
The Genetic Data Privacy Act requires any business that collects genetic data from...more
There is a federal law, the Children’s Online Privacy Protection Act (COPPA), that requires app developers to obtain parental consent before collecting information from children under the age of 13. The law has been on the...more
3/11/2022
/ Children's Products ,
Children's Toys ,
Connected Items ,
COPPA ,
Data Collection ,
Federal Trade Commission (FTC) ,
Information Technology ,
Mobile Apps ,
Mobile Device Management ,
Online Safety for Children ,
Personally Identifiable Information ,
Smart Devices
CYBERSECURITY -
CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine -
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
3/4/2022
/ Artificial Intelligence ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Information Blocking Rules ,
Malware ,
Passwords ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Russia ,
T-Mobile ,
Ukraine ,
Vulnerability Assessments
On March 2, 2022, California Attorney General Rob Bonta urged individuals affected by the T-Mobile breach in 2021 to take advantage of resources to assist with preventing or responding to identity theft. According to the...more