Australia has ordered an Australian national, David Kee Crees, extradited to the U.S., where he faces 22 counts involving hacking, fraud, and aggravated identity theft. Two of Crees’ better-known aliases were “Abdilo” and “DR32.” “Abdilo” DataBreaches started reporting on Crees in 2015 when he was known to this site as “Abdilo.” At the time, he…
Category: Commentaries and Analyses
Third fine imposed by Polish SA on the Surveyor General of Poland for failure to notify the personal data breach
As seen on the European Data Protection Board website, a decision that reminds us how broad the definition of “personal information” is in the GDPR. The monetary penalty is not large by U.S. standards (slightly more than $12,100.00), but it’s the point and notification required. Background information Date of final decision: 6 July 2022 National…
CISA Requests Public Comment on Implementing Regulations for the Cyber Incident Reporting for Critical Infrastructure Act
Jim Garland, Micaela McMurrough, Ashden Fein, Caleb Skeath, and Matthew Harden of Covington and Burling write: On September 12, 2022, the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) published a Request for Information, seeking public comment on how to structure implementing regulations for reporting requirements under the Cyber Incident Reporting for Critical Infrastructure Act of 2022…
Correction
On September 20, DataBreaches published a post about an alleged hack of Ask.FM data from what was described as a March, 2020 hack. Ask.FM had not replied to this site’s inquiries by the time of publication. Ask.FM replied today and reminded me that they had addressed this same claimed hack in December 2021 when this…
Bjorka, the Online Hacker Trying To Take Down the Indonesian Government
Aisyah Llewellyn reports: The first that Indonesia heard about the hacker now known as Bjorka came when news broke at the beginning of September of a massive data leak. Some 1.3 billion SIM card registration details were stolen and listed for sale on a dark web online marketplace. The data was harvested in part as…
Held to Ransom: How Cyberattacks Can Become a Legal and Regulatory Odyssey for a Private Investment Fund
Ryan P. Blaney, Margaret A. Dale, Dorothy Murray, Todd J. Ohlms, and Jonathan M. Weiss of Proskauer write: …. Cyberattacks, by their very nature, know no borders and nor therefore should a private fund’s response The first of this two-part series considers immediate incident response steps and analyses whether to pay a ransom, from U.S.,…