John Cleary and Shundra Crumpton Manning of Polsinelli write: Data breach class action litigation continues to occupy center stage in the ongoing struggle to secure compensation and redress for legitimate victims of actionable cybersecurity shortcomings of data owners. The underlying scenarios in these cases encompass criminal hacking episodes, rogue employees, carelessness and unforeseen material gaps…
Author: Dissent
Push to ban ransomware payments following Australia’s biggest cyberattack
Luke Huigsloot reports: The Australian government is being pushed to ban the payment of cyber ransoms, usually demanded in cryptocurrency, following a local business suffering a mass data breach and subsequent ransom demand. […] The Australian government’s lead cybersecurity agency, the Australian Cyber Security Centre (ACSC), currently recommends that victims of ransomware attacks never pay…
‘Headlight Hackers’ Are Stealing Cars Via CAN Interference
Adrianna Nine reports: Car thieves have found a sophisticated new way to snatch vehicles off the streets, and it’s called “headlight hacking.” The method involves accessing a car’s Controller Area Network (CAN) bus, a system that allows multiple devices within a vehicle build to communicate with each other in real time. Ian Tabor, an automotive…
HHS Office for Civil Rights Announces the Expiration of COVID-19 Public Health Emergency HIPAA Notifications of Enforcement Discretion
Notifications of Enforcement Discretion expire at 11:59 pm on May 11, 2023 Today, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announces that the Notifications of Enforcement Discretion issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health…
Culbertson Memorial critical systems fully restored after cyber attack
Twelve days after a cyberattack, Culbertson Memorial Hospital reports that its critical systems are back online. The hospital has not revealed more details about the type of attack, and reports that it does not yet know whether patient data was compromised.
Battle could be brewing over new FCC data breach reporting rules
Cynthia Brumfield reports: On January 6, the United States Federal Communications Commission (FCC) launched a notice of proposed rulemaking (NPRM) to update its data breach reporting rules for telecommunications carriers. “The law requires carriers to protect sensitive consumer information but, given the increase in frequency, sophistication, and scale of data leaks, we must update our rules to…