The following enforcement action was related to FTC action, also announced today, but is a separate settlement with states. The following press release is from Connecticut’s Attorney General: (Hartford, CT) – Attorney General Tong announced today that a coalition of 50 attorneys general, co-led by Connecticut, has reached a settlement with Marriott International, Inc. as…
Category: Business Sector
FTC Takes Action Against Marriott and Starwood Over Multiple Data Breaches
From the Federal Trade Commission: The Federal Trade Commission will require Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a robust information security program to settle charges that the companies’ failure to implement reasonable data security led to three large data breaches from 2014 to 2020 impacting more than 344…
Ex-Uber CISO Requests a New, ‘Fair’ Trial
Kristina Beek reports: Former Uber CISO Joseph Sullivan, convicted in 2023 of trying to cover up a data breach, is seeking a new trial, citing procedures omissions from his original trial that his lawyers said tainted the verdict. Sullivan was initially convicted on charges related to Uber’s 2016 data breach and was sentenced to three years of…
MoneyGram now says customer data was impacted in security incident
It reportedly was not a ransomware attack, but MoneyGram has now confirmed it did lose sensitive customer data in the recent cyberattack against its business. Sead Fadilpašić reports: In a data breach notification letter sent to affected customers and published on the company’s website, hackers were able to access MoneyGram’s networks for two days, between…
Ukrainian court sentences hackers who carried out over 5,000 cyberattacks for Russia
Dmytro Basmat reports: Ukrainian court has sentenced in absentia two members of the Russian security service-backed (FSB) hacker group “Armageddon” for having carried out more than 5,000 cyberattacks against Ukrainian institutions and critical infrastructure, Ukraine’s State Security Service (SBU) said on Oct. 8. Russian hackers have regularly targeted various Ukrainian government institutions as well as businesses with…
ADT Says Outside Party Obtained Employee Data in Cybersecurity Incident
Connor Hart reports: ADT is working with third-party cybersecurity experts and federal law enforcement to address an incident in which an outside party had illegally accessed its network, obtaining encrypted employee data. The Boca Raton, Fla., home-security company on Monday said that the outside party, which it called an unauthorized actor, was able to access…