Grace Ferguson reports: When the personal information of students and employees at Fairfax County Public Schools showed up on the dark web in October 2020, the Virginia school district had been in a standoff with hackers for nearly a month. Even with help from the FBI, Virginia State Police, and a hired cybersecurity firm, the district…
Category: Commentaries and Analyses
The ‘Groove’ Ransomware Gang Appears to Have Been a Hoax — But Was Any of It Real?
Brian Krebs writes: A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists. You can read more…
Second Circuit rules that risk of future identity theft not enough to support standing in data breach class action
Elizabeth Casale, Rachel Harris, Layla Husen, and Luke Sosnicki of of Thompson Coburn write: The Second Circuit recently joined a growing number of federal courts to decide when a data breach of personally identifiable information (“PII”) is actionable. According to the Second Circuit, plaintiffs do not have standing to bring a lawsuit when there is…
Kr: Facebook recommended to pay 300,000-won compensation per victim over personal data breach
Yonhap News Agency reports: The state watchdog on personal information protection on Friday recommended the operator of Facebook to pay 300,000 won (US$256.70) in compensation to each of 181 users demanding damages for the provision of their personal information to third parties without consent. The recommendation to Meta Platforms, Inc. was made by the Personal…
Customers Can Pursue Negligence Claims Directly Against Vendor (Blackbaud)
David Kessler and Susan Ross write: On October 19, 2021, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims directly against their organizations’ vendor that had been the victim of a security breach—instead of suing the organizations of which they were…
FBI warns of Ranzy Locker ransomware threat, as over 30 companies hit
Graham Cluley writes: The FBI has warned that over 30 US-based companies had been hit by the Ranzy Locker ransomware by July this year, in a flash alert to other organisations who may be at risk. According to the alert, issued with the Cybersecurity and Infrastructure Security Agency (CISA), most of the victims were compromised after brute…