Jake Holland reports: Colonial Pipeline Co. and its owners acted negligently by employing lax cybersecurity standards that left the company vulnerable to a massive ransomware attack, a proposed Georgia federal court class action alleges. The company breached its duty to employ industry security standards, and that failure translated into system outages that harmed consumers by raising…
Category: Business Sector
CEFCO Allegedly Victim of Data Theft
Jackson Lewis reports: Hackers have posted 42 gigabytes of data allegedly stolen from CEFCO Convenience Stores on a website known as Marketo. The website indicates the stolen data includes “agreements, financial data, account lists, budget reports, NDAs and other interesting documents,” according to the post attached to the file online. Read more on CSP.
A former DarkSide listing shows up on REvil’s leak site
On May 15, Chum1ng0 reported that German furniture retailer Möbelstadt Sommerlad had been hit by DarkSide threat actors. By then DarkSide’s leak site was down and it had not been possible to confirm whether DarkSide had ever listed the retailer as a victim or dumped any proof of claim, but given the time frame of…
One Employee’s Accidental Email Leads To A Significant Data Breach Ruling in Federal Appeals Court
Jeffrey Csercsevits of Fisher Phillips writes: A federal appeals court recently addressed whether employees had standing to bring a lawsuit when their personally identifiable information (PII) was inadvertently circulated to other employees at the company, with no indication of misuse or external disclosure. In McMorris v. Carlos Lopez & Associates, LLC, the 2nd Circuit Court of…
After Colonial Pipeline Hack, U.S. to Require Operators to Report Cyberattacks
Rebecca Smith reports: The Transportation Security Administration intends to release the first of at least two security directives that would require pipeline operators to notify it when they are targets or victims of cyberattacks, according to senior officials at the Department of Homeland Security. The action, expected this week, also will require each company to…
Law Firm Responds To Data Breach Claim By… Leaking Data. Checkmate!
Joe Patrice reports: Law firms must always be supremely cautious with private information, but you can’t help but think a firm would add that little extra attention to the task when their client has already been sued for a data breach. Not only would another leak damage the client’s reputation further, you already know that…