In May of 2021, San Diego Family Care disclosed a data breach that resulted from a ransomware attack on their hosting provider, Netgain Technology. In a class action lawsuit, complainants alleged that SDFC failed to protect patients’ information adequately and that SDFC did not promptly notify patients after learning of the breach. The lawsuit has…
Category: Commentaries and Analyses
United States and EU Foster Cooperation Against Ransomware Attacks
Ransomware has become a global problem that requires cooperation on a worldwide level. Judicial experts and practitioners from the United States and the European Union participated in a two-day workshop in The Hague organized by the U.S. Department of Justice and Eurojust. The event aimed to share best practices and enhance collaboration in confronting ransomware…
‘Too Much’ Data Breach Disclosure May Risk Additional Cyber Vulnerabilities
Isha Marathe reports: Even before Russia’s invasion of Ukraine, cyberattacks had been on the rise, leading to provisions from regulatory bodies such as the mandatory disclosures of incidents to protect investors and alert other businesses alike. Now, some attorneys and cybersecurity experts are asking if forced reporting of breaches and attacks at the level of detail that the U.S….
Cloudflare Thwarted Largest Ever HTTPS DDoS Attack
The DDoS attack originated from 121 countries and was powered by a small botnet of only 5,067 hacked IoT devices. Debra Ahmed reports: Cloudflare has reported stopping a record-breaking HTTPS DDoS attack (distributed denial of service attack) this month. The company claims this attack peaked at 26 million requests per second (RPS), making it the largest ever…
Ransomware gang creates site for employees to search for their stolen data
Lawrence Abrams reports: The ALPHV ransomware gang, aka BlackCat, has brought extortion to a new level by creating a dedicated website that allows the customers and employees of their victim to check if their data was stolen in an attack Read more at BleepingComputer.
Cybercriminals use reverse tunneling and URL shorteners to launch ‘virtually undetectable’ phishing campaigns
Stephen Pritchard reports: A new way of carrying out phishing attacks is being adopted by criminal groups – and it could make threat actors virtually undetectable, security researchers warn. The technique involves using ‘reverse tunnel’ services and URL shorteners to launch large-scale phishing attacks. What’s more, the groups using these techniques leave no trace. Instead, threat actors…