Marc S. Martin, Belinda Nixon, Samuel Klein, and Tyler Robbins of Perkins Coie write: In response to the increased frequency and severity of data breaches in the telecommunications industry, the Federal Communications Commission recently published a Notice of Proposed Rulemaking that seeks to strengthen and broaden its breach notification rules arising from the unauthorized disclosure of customer…
Sorry, Not Sorry: Guccifer, the Hacker Who Launched Clinton Email Flap, Speaks Out After Nearly a Decade Behind Bars
Sam Biddle reports: Marcel Lehel Lazar walked out of Federal Correctional Institute Schuylkill, a Pennsylvania prison, in August 2021. The 51-year-old formerly known only as Guccifer had spent over four years incarcerated for an email hacking spree against America’s elite. Though these inbox disclosures arguably changed the course of the nation’s recent history, Lazar himself…
The Unexpected Effect of the Introduction of Mandatory Breach Notification Requirements in Québec
Charles S. Morgan, Daniel G.C. Glover, and Eugen Miscoi of McCarthy Tétrault LLP write: Since September 22, 2022, organizations doing business in Québec have to report any confidentiality incidents (i.e., privacy breaches) that cause a risk of serious injury, due to the partial entry into force of An Act to modernize legislative provisions as regards the…
Bits ‘n Pieces (Trozos y Piezas)
ES: City Council of Durango “Completely Paralyzed” by Cyberattack. The City Council of Durango in Biscay reports it is “completely paralyzed” by a cyberattack last Saturday. The news site Durangon quotes the Deputy Mayor, Iker Urkiza (machine translation) that the hacking “has been serious” and that it will paralyze their computer systems “for weeks.” According…
Lorenz ransomware gang plants backdoors to use months later
Ionut Ilascu reports: Security researchers are warning that patching critical vulnerabilities allowing access to the network is insufficient to defend against ransomware attacks. Some gangs are exploiting the flaws to plant a backdoor while the window of opportunity exists and may return long after the victim applied the necessary security updates. One case is a…
A government watchdog spent $15,000 to crack a federal agency’s passwords in minutes
Zack Whittaker reports: A government watchdog has published a scathing rebuke of the Department of the Interior’s cybersecurity posture, finding it was able to crack thousands of employee user accounts because the department’s security policies allow easily guessable passwords like ‘Password1234’. The report by the Office of the Inspector General for the Department of the Interior, tasked with oversight…