Sean O’Neill reports: A computer expert discovered a vulnerability in one of the systems used by travel distribution company Amadeus, which said it had fixed the issue and that none of the data was misused. Alp, an Israel-based travel subsidiary, is an online service used by Israeli travel agents and governmental travel agency Inbal to…
Month: May 2019
Two former employees booked for stealing data from their former company
More rogue employees. This time, at Specality Polyfilm Pvt Ltd. Read more at: Times of India.
Google disables Baltimore’s Gmail accounts used during ransomware recovery over mistaken security concern
Ian Duncan reports on how your emergency backup might fail for reasons you didn’t anticipate, perhaps. Gmail accounts used by Baltimore officials as a workaround while the city recovers from a ransomware attack were disabled because the creation of a large number of new accounts in one place triggered Google’s automated security system, a spokesman…
Phisher folk reel in Computacenter security vetting mailbox packed with sensitive staff data
Paul Kunert reports: The third-party mailbox used by Computacenter employees and contractors to deposit data for security clearance applications has been hacked and used in phishing scams. The company, one of Europe’s largest resellers, counts some of the biggest names in financial services among its corporate client base, and sells to a raft of local…
District Court Finds no CFAA Violation where Employee Shares Confidential Company Information with Competitor
Jason C. Gavejian and Maya Atrakchi of JacksonLewis write: A district court in Tennessee recently concluded in Wachter Inc. v. Cabling Innovations LLC that two former employees who allegedly shared confidential company information found on the company’s computer system with a competitor did not violate the Computer Fraud and Abuse Act (CFAA). The CFAA expressly…
China Released Core National Standards, Updating Mandatory Cybersecurity Requirements under the Cybersecurity Multi-level Protection Scheme
Yan Luo, Ashden Fein and Zhijing Yu of Covington & Burling write: On May 13, 2019, China’s State Administration for Market Regulation (“SAMR”) released three core national standards related to the country’s Cybersecurity Multi-level Protection Scheme (“MLPS”), describing technical and organizational controls that companies must follow when complying with MLPS-related obligations under the Cybersecurity Law…