TopClassActions reports that a class action lawsuit against Orlando Family Physicians (OFP) has settled for an undisclosed sum. The settlement, which doesn’t include any admission of guilt by OFP, resolves claims surrounding an April 2021 data breach. The breach reportedly occurred when four OFP employees fell prey to a phishing attack. Although the attack was…
Category: Commentaries and Analyses
Google Reveals Samsung Phones Could Be Hacked Without Owners Knowing: Here’s How
Dane Enerio reports: Google has warned that some of its smartphones running the company’s own Android operating system, as well as other devices from manufacturers such as Samsung and Vivo, could be accessed by third-party actors without owners ever becoming aware of such a breach. A total of 18 zero-day vulnerabilities, or exploits previously only…
CISA Advisory: #StopRansomware: LockBit 3.0
Release Date: March 16, 2023 Alert Code: AA23-075A SUMMARY Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to…
BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion
Elizabeth Montalbano reports: The BianLian ransomware group is ramping up its operations and maturing as a business, moving more swiftly than ever to compromise systems. It’s also moving away from encryption to pure data-theft extortion tactics, in cyberattacks that have so far bagged at least 116 victims, researchers have found. BianLian, first discovered last July, hasn’t deviated much…
Current Turmoil and Future Risks in Resolving Data Breach Class Actions
Here’s an interesting post by Mark Olthoff of Polsinelli law firm discussing recent developments in class action lawsuits. Here are some snippets: First, an increasing number of data breach lawsuits are being filed in state court rather than in federal court. Several possible reasons exist for this development. For one, federal courts have limited subject…
Romanian entities issued monetary penalties for infosecurity and data protection failures
Regulators in Romania have issued monetary penalties to six Romanian entities for insufficient technical and organizational measures to ensure information security. Two other entities were issued fines for other GDPR violations. The fines for insufficient technical and organizational measures ranged from 1,000 to 10,000 euros. Two of the entities were in the medical center. A…