Dom DiFurio reports: In October, four companies collectively paid nearly $7 million as part of a settlement with the Securities and Exchange Commission for allegedly failing to properly inform investors of a cyberbreach affecting their companies, a liability American businesses have not previously faced. The companies were compromised in a cyberattack targeting their IT software provider in…
Category: U.S.
Cyberespionage groups or cybercriminals? UAV and C-UAV vendors and buyers are increasingly targeted
As Unmanned Aerial Vehicles (UAVs or “drones”) and Unmanned Aerial Systems (UAS) are increasingly deployed as part of military operations, there has also been an upsurge in counter-UAV (C-UAV) and counter-UAS technologies designed to detect and neutralize the threats they pose. Unsurprisingly, there has been an uptick in cyberespionage groups and cybercriminals attempting to acquire…
Health Net Federal Services, LLC and Centene Corporation Agree to Pay Over $11 Million to Resolve False Claims Act Liability for Cybersecurity Violations
From the U.S. Department of Justice, February 18, 2025 Note: View the settlement agreement here. Health Net Federal Services Inc. (HNFS) of Rancho Cordova, California and its corporate parent, St. Louis-based Centene Corporation, have agreed to pay $11,253,400 to resolve claims that HNFS falsely certified compliance with cybersecurity requirements in a contract with the U.S. Department…
Ransomware attack affects Michigan casinos and tribal health centers
On February 15, the RansomHub ransomware group claimed responsibility for an attack on the Sault Ste. Marie Tribe of Chippewa Indians. RansomHub claims to have “temporarily locked” the tribe’s infrastructure and to have acquired 119 GB of files (501, 211 files). The affected systems reportedly include casinos, convenience stores, government buildings, and telecommunications services, but…
Bill raising the bar for class-action suits in data breach incidents advances
Rural Radio reports: A measure that would raise the bar for filing class-action lawsuits in state courts against private entities that suffer a cybersecurity breach has received first round approval in the Nebraska Legislature. Lawmakers spent a considerable amount of floor debate Tuesday and today discussing LB 241, which would require willful, wanton, or gross…
Virginia AG’s office says it was struck by ‘sophisticated cyberattack’
Laura Vozzella reports: A “sophisticated cyberattack” struck the offices of Virginia Attorney General Jason S. Miyares on Wednesday, forcing the agency to shut down computer systems and resort to paper court filings as Virginia State Police and the FBI investigate. “Unfortunately our agency has been the victim of what appears to be a sophisticated cyberattack,”…