Ionut Arghire reports: Honda has confirmed that researchers were indeed able to hack the remote keyless entry system of certain Honda vehicles to unlock the doors and start the engine. Over the weekend, security researchers Kevin2600 and Wesley Li from Star-V Lab published information on a security bug they identified in the rolling codes mechanism…
Category: Commentaries and Analyses
BlackCat (Aka ALPHV) Ransomware Is Increasing Stakes Up To $2.5M In Demands
A new blog post by Resecurity indicates that BlackCat’s average ransom demand is now over $2 million. They write: Based on the recently compromised victims in Nordics region, which haven’t been disclosed by the group yet, the amount to be paid exceeds $2 million. […] According to experts from Resecurity, BlackCat ransomware actors began defining…
Don’t Put All Your Eggs in the Silent-Cyber Basket
William P. Sowers Jr. and Michael S. Levine of Hunton Andrews Kurth write: The Eastern District of Pennsylvania recently gave another reminder why cyber insurance should be part of any comprehensive insurance portfolio. In Construction Financial Administration Services, LLC v. Federal Insurance Company, No. 19-0020 (E.D. Pa. June 9, 2022), the court rejected a policyholder’s attempt…
Family Practice Center discloses a breach from October 2021
DataBreaches really and truly does not understand how entities can take so long to investigate some breaches before disclosing them. If HHS feels that seven months from the first detection of an attack to notification is reasonable or acceptable, then let it change the regulations. If it is not acceptable and HHS wants entities to…
Associated Eye Care Partners, LLC discloses vendor breach. Can you guess which vendor?
One of the breach notices that showed up in routine searches this morning was from Associated Eye Care Partners, LLC (“AEC”). The first sentence of the notification letter was: We are contacting you to inform you of a data incident experienced by a third-party vendor for Associated Eye Care Partners, LLC (“AEC”). My mind…
The Norwegian SA issues fine to the Municipality of Østre Toten for flawed information security
Seen on the website of the European Data Protection Board, a decision by Norway’s data protection regulator imposed a 400,000 Eur fine (NOK 4 million) on a municipality that suffered a ransomware attack. The Norwegian Supervisory Authority found that the municipality’s security for personal data was seriously flawed and inadequate. Summary of the Decision Origin…