Oh Seok-min reports on how SK Telecom is attempting to reassure panicked customers following a significant data breach: SK Telecom Co., South Korea’s leading mobile carrier, vowed Sunday to take full responsibility for any damage to customers caused by a recent network hacking incident involving the potential leak of subscriber information. Earlier this month, the…
North Dakota Expands Data Security Requirements and Issues New Licensing Requirements for Brokers
A.J. S. Dhaliwal, Mehul N. Madia, and Beineng Zhang of SheppardMullin write: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated…
Oregon DEQ won’t say if ransomware group took employee data in cyberattack
Gosia Wozniacka of Oregon Live reports: The Oregon Department of Environmental Quality on Friday declined to confirm or deny reports that a well-known ransomware group stole employee files in a recent cyberattack at the agency. The department faced questions after several cybersecurity websites reported that ransomware group Rhysida is behind the cyberattack at the DEQ…
High Court rules landlord entitled to additional £6m indemnity from insurance broker after data breach
Matilda Battersby reports: A housing association’s broker has been found liable for “breach of duty” in a landmark High Court judgment. Watford Community Housing (WCH) brought a professional negligence claim against Arthur J Gallagher Insurance Brokers for failing to make “timely notifications” of a data breach to one of three of its insurers. Deputy High…
Oregon court dismisses lawsuit over 2023 MOVEit data breach affecting 3.5 million Oregonians
While the ransomware attack on the Oregon Department of Environmental Equality (DQE) is making headlines this month, there was also an update to a lawsuit stemming from the MOVEit breach in 2023 that affected 3.5 million Oregonians whose driver’s license and identity information was held by the Oregon Driver and Motor Vehicle Services. Aimee Green…
HHS OCR Settles HIPAA Ransomware Cybersecurity Investigation with Comprehensive Neurology, PC
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a settlement with Comprehensive Neurology, PC (Comprehensive), a small New York neurology practice, concerning a potential violation of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule. The settlement resolves an OCR investigation of a ransomware…