On February 3, DataBreaches quoted a press release by BakerHostetler about a breach update from DISA Global Solutions that DISA had issued on January 23, 2025. BakerHostetler’s release was subsequently removed from their website, although a copy still currently exists at PublicNow. Of note, in their main takeaways section, BakerHostetler quoted DISA’s update and commented:…
Category: U.S.
No need to hack when it’s leaking, Thursday edition: DM Clinical Research
Another day, another massive leak. Researcher Jeremiah Fowler reports that he found unsecured data with 1,674,218 records belonging to DM Clinical Research. DM Clinical Research is a Texas-based network of more than 24 multi-therapeutic clinical trial sites involved in research on vaccines, internal medicine, pediatrics, gastroenterology, psychiatry, neurology, women’s health, and more. DM Clinical Research’s…
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape
Jena M. Valdetero and Emily S. Taetzsch of Greenberg Traurig, LLP write that in recent years, federal courts have narrowed the scope of protection for forensic reports produced in response to data breaches. As part of her discussion, she cites the Capital One case in 2020, the Wengui case in 2021, the Rutter’s case a few…
How federal rules on cybersecurity breach transparency for businesses were challenged in court in 2024
Dom DiFurio reports: In October, four companies collectively paid nearly $7 million as part of a settlement with the Securities and Exchange Commission for allegedly failing to properly inform investors of a cyberbreach affecting their companies, a liability American businesses have not previously faced. The companies were compromised in a cyberattack targeting their IT software provider in…
Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted
As Unmanned Aerial Vehicles (UAVs or “drones”) and Unmanned Aerial Systems (UAS) are increasingly deployed as part of military operations, there has also been an upsurge in counter-UAV (C-UAV) and counter-UAS technologies designed to detect and neutralize the threats they pose. Unsurprisingly, there has been an uptick in cyberespionage groups and cybercriminals attempting to acquire…
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations
From the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…