Hunton Andrews Kurth writes: On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law (“MDL-668”). The Vermont Insurance Data Security Law applies to “licensees”—those licensed, authorized to operate or registered, and those required to be…
Author: Dissent
After a Breach, One Company’s Cybersecurity Claims Got Referenced in a Lawsuit
Joe Jabara writes: So it starts….with literally billions of dollars lost through cryptocurrency frauds and security breaches, it was only a matter of time before we started seeing a wave of litigation. On Monday, a case was brought in the United States District Court, Southern District of New York, by IRA Financial Trust against Gemini Trust Company…
District 207 Approves Cybersecurity Contract In Wake Of Attempted Breach
Igor Studenkov reports: Maine Township High School Dist. 207 Board of Education voted unanimously on Monday (June 6) to award a one-year cybersecurity contract to the company that helped the district prevent a security breach a few weeks earlier. The district considered bids from seven vendors. When one of the bidders, Texas-based Crowdstrike, was demonstrating…
Goodman Campbell Brain and Spine alerts patients to ransomware attack while continuing to provide care
Yesterday, Hive threat actors added Goodman Campbell Brain and Spine to their leak site, with a notice that they had encrypted the entity on May 20. They also provided some files as proof. But if Hive hoped this would pressure the multi-location medical entity, they seem to have misjudged their Indiana-based victim. On the homepage…
This is (One of Many Reasons) Why Districts Get Hit with Ransomware
Bill Fitzgerald writes: Even the smallest of school districts are complicated places. Communicating with stakeholders is hard to do well, and getting the details right is imperative. The details become even more important when school boards and superintendents try and communicate about school safety issues. When communication is done well, is not rushed, and goes…
Defensive Cyber Attacks Declared Legal by UK AG, Path Cleared to “Hack Back” When Critical Infrastructure & Services Attacked
Scott Ikeda reports: The Attorney General of the United Kingdom has declared the country can make use of defensive cyber attacks when “key services” (such as critical infrastructure and banks) are struck by foreign threat actors. The country is taking a formal position on extending international law to the digital realm, something that nations have…