Lawrence Abrams reports: Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers’ account information and ported phone numbers to another carrier. According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a…
Category: Business Sector
Kroger reaches $5M settlement with Accellion breach victims, as Supreme Court defines ‘actual harm’
Jessica Davis reports: Kroger reached a $5 million lawsuit settlement with individuals impacted by a breach reported in February. The settlement was the third legal action tied to a health care data breach this week, shedding light on the rise in breach-related lawsuit trends in the sector in the last few years. Read more on…
New York Department of Financial Services Announces a $1.8 Million Settlement with Two Life Insurers for Data Breach Violations
Zachary Dyer, Steven Imber, Justin Liby, and Jennifer Osborn Nix of Polsinelli write: The New York Department of Financial Services (“NYDFS”) recently announced that it has entered into a Consent Order with two affiliated life insurers for alleged violations of New York’s Cybersecurity Regulation (the “NY Cybersecurity Regulation”). The NYDFS conducted an investigation and determined…
Insurance giant CNA reports data breach after ransomware attack
Sergiu Gatlan reports: CNA Financial Corporation, a leading US-based insurance company, is notifying customers of a data breach following a Phoenix CryptoLocker ransomware attack that hit its systems in March. […] “The investigation revealed that the threat actor accessed certain CNA systems at various times from March 5, 2021 to March 21, 2021,” CNA said…
Sg: Spooked by website hacking, ad firm beefs up security, stops using default passwords
Kenny Chee reports: A simple, default password shared by employees was possibly the weak link that allowed hackers to break into advertising and creative agency Splash Productions‘ website and deface it. The incident, which happened about five to six years ago, was a wake-up call that spurred the company to drastically improve its cyber security…
Ransomware-hit law firm gets court order asking crooks not to publish the data they stole
Gareth Corfield reports on what sounds like a legal Hail Mary play: A barristers’ chambers hit by a ransomware attack has responded by getting a court order demanding the criminals do not share stolen data. 4 New Square chambers, which counts IT dispute experts among its ranks, obtained a privacy injunction from the High Court…