When the owner of the original BreachForums, Conor Fitzpatrick, aka “Pompompurin,” was sentenced in January of 2024 to time served plus 20 years supervised release with special conditions, it was a shock. Although young, Fitzpatrick had pleaded guilty to conspiracy to commit access device, access device fraud, and possession of child pornography. Based on federal…
AG James Sued Citi for Failing to Protect Customers from Fraud, Costing New Yorkers Millions NEW YORK – New York Attorney General Letitia James today announced a significant victory in her case against Citibank (Citi) after a judge denied Citi’s motion to dismiss the Office of the Attorney General’s (OAG) lawsuit on its core claims…
Joe Lazzarotti of JacksonLewis has a post on one of my favorite topics: insider threats. Insider threats continue to present a significant challenge for organizations of all sizes. One particularly concerning scenario involves employees who leave an organization and impermissibly take or download sensitive company data. These situations can severely impact a business, especially when…
Here’s today’s reminder not to just repeat threat actors’ claims without checking or attempting to verify them first: Qilin added a company to their dark web leak site that they misidentified as Richardson Sales Performance. It wasn’t Richardson Sales Performance. What they appear to have hit, based on their proof of claims screenshot, was a…
Mark Young & David Brazil of Covington and Burling write: On 15 January 2025, the European Commission published an action plan on the cybersecurity of hospitals and healthcare providers (the “Action Plan”). The Action Plan sets out a series of EU-level actions that are intended to better protect the healthcare sector from cyber threats. The publication of…
Legacy data and servers have bitten another entity. Kudos to Addison Northwest School District (ANWSD), though, for the clarity of their public notice, linked prominently from their home page. Their notice: We want to inform our community about a recent cybersecurity incident involving Addison Northwest School District (ANWSD). During an investigation into a breach affecting…