From the Wyoming Department of Health, a report involving another GitHub leak: Exposure of Laboratory Test Result Data Described April 27, 2021 The Wyoming Department of Health (WDH) is announcing a mistaken exposure of laboratory test result data involving the health information of thousands of Wyoming residents and others, as well as describing its plan…
Author: Dissent
Ransomware gang targets Microsoft SharePoint servers
Catalin Cimpanu reports: The group behind the attacks targeting SharePoint servers is a new ransomware operation that was first seen at the end of 2020. The group is tracked by security vendors under the codenames of Hello or the WickrMe ransomware—because of its use of Wickr encrypted instant messaging accounts as a way for victims to reach out and…
District Court in Third Circuit Confirms That, When it Comes to Data Breaches, Actual Misuse Must be Alleged
Aaron C. Garavaglia of Squire Patton Boggs writes: Every federal lawsuit requires standing for the court to have subject matter jurisdiction to hear the case, and standing requires an injury-in-fact. As seen from our coverage this morning out of the Second Circuit. In Derrick McCray v. John E. Wetzel & President, No. 3:20-cv-139, 2021 U.S. Dist. LEXIS…
Is It Ethical To Buy Breached Data?
Gary Stevens writes: Research that’s done on malicious breaches of data presents a unique conundrum for the security professionals who are doing the investigating: should access to sets of breached raw data become available to public users and, if so, how? In light of the pandemic, the acceleration toward location-distributed work has the potential to…
In major ruling, 2nd Circuit says no circuit split on data breaches and standing
Alison Frankel reports: For years, I’ve been writing about a split among the federal circuits on whether data breach victims can establish a right to sue in federal court merely by showing that they are at increased risk of identity theft. Just a couple of months ago, when the 11th U.S. Circuit Court of Appeals held in…
Reverb discloses data breach exposing musicians’ personal info
Lawrence Abrams reports: Popular musical instrument marketplace Reverb has suffered a data breach after an unsecured database containing customer information was exposed online. Reverb is the largest online marketplace devoted to selling new, used, and vintage musical instruments and equipment. Today, Reverb customers began receiving data breach notifications stating that customer information was exposed, including…