Alex Berengaut of Covington & Burling analyzes some of the legal issues raised by the indictment of Marcus Hutchins (@malwaretechblog) for allegedly creating and conspiring to sell malware known as the Kronos banking trojan. He writes, in part: Since Hutchins’ indictment, commentators have questioned whether the creation and selling of malware—without actually using the malware—violates…
Month: August 2017
AU: OAIC investigating Flight Centre customer data leak
Allie Coyne reports: Travel agency Flight Centre is under investigation by the country’s privacy regulator after accidentally releasing personal information of an undisclosed number of its customers to third-party suppliers. The firm confirmed last month that “human error” was behind the data breach. It has not said how many customers were affected, nor what personal…
IT staffers may have compromised sensitive data to foreign intelligence
Paul Sperry reports: Federal authorities are investigating whether sensitive data was stolen from congressional offices by several Pakistani-American tech staffers and sold to Pakistani or Russian intelligence, knowledgeable sources say. What started out 16 months ago as a scandal involving the alleged theft of computer equipment from Congress has turned into a national-security investigation involving…
Tx: Institute for Women’s Health warns patients personal data compromised in network hack
Samantha Ehlinger reports: The Institute for Women’s Health warned patients that hackers may have stolen some of their personal information or credit or debit card data, the physicians’ group said Thursday. The San Antonio OBGYN practice said a so-called keylogger virus was installed on its network on June 5. The virus was discovered July 6…
Delaware Adds More Stringent Data Breach Notice Requirements
Leslie A. Pappas reports: Companies doing business in Delaware have until spring 2018 to meet more stringent data breach notification requirements under a new law signed Aug. 17. Companies will be required to tell state residents affected by a data breach within 60 days and notify the state attorney general if a breach affects more…
HBO hackers obtained all of HBO’s social media logins and GIPHY credentials
A new email arrived from “Mr. Smith” yesterday. It announced that the HBO “Giphy” platform had been hacked by the same group that hacked Game of Thrones. But it was more than just the GIPHY program access that was hacked. Attached to the email from Mr. Smith was a file with HBO’s passwords for all…