A story on ZDNet is headlined, “FTC gives two companies a slap on the wrist after appalling hacks.” That headline may be true as far as it goes, but it’s a bit unfair or misleading, so let’s dive into this a bit more. Catalin Cimpanu reports: The US Federal Trade Commission has agreed to settle…
Category: Breach Incidents
Greek DPA Issues EUR 30,000 Fine For Data Protection Violation by Hellenic Petroleum S.A.
Hunton Andrews Kurth writes: On April 15, 2019, the Greek Data Protection Authority (“DPA”) fined Hellenic Petroleum S.A. EUR 20,000 for unlawful processing of personal data and EUR 10,000 for failing to adopt appropriate data security measures. Hellenic Petroleum S.A. had engaged a vendor to conduct a study on its behalf. The study was exposed…
Illinois dental insurer notifies members after phishing attack
Delta Dental is the largest dental plan system in the United States, composed of 39 member companies. Today, Delta Dental of Illinois disclosed a security incident affecting an unspecified number of their insured members and dependents. According to the notification signed by their CEO, they recently learned that an employee had fallen prey to a…
Marcus Hutchins’ plea leaves unsettled whether writing certain types of code is illegal – Ekeland
In May, 2017, a young man from the U.K. became known as an “accidental hero” for saving the world from the further spread of WannaCry ransomware. But months later, this same hero, Marcus Hutchins, known online as @MalwareTech, was arrested in the U.S. as he tried to fly home after attending the Black Hat and…
The 2018 Internet Crime Report is out: a first glance
The The FBI’s Internet Crime Complaint Center (IC3) 2018 Internet Crime Report has been released. The report includes information from 351,936 complaints of suspected Internet crime, with reported losses in excess of $2.7 billion. Here’s a spoiler alert, as I haven’t had time to read the entire report yet. From their summary: This past year,…
Bodybuilding.com experiences data security incident
CBS2 reports: Bodybuilding.com announced Friday that some of their employment-related information may have been accessed in a data security incident. The possible information accessed could have been group health plan subscriber information, such as protected health information of certain employees and former employees. “While the Company has no evidence that personal information was accessed or…