NY State Comtroller DiNapoli released more school district audits last week. As always, DataBreaches.net looked to see what audits concerned IT security. New Rochelle City School District – Information Technology (2021M-142) Issued Date: December 17, 2021 Audit Objective Determine whether New Rochelle City School District (District) officials established adequate controls over network and financial application…
Category: Commentaries and Analyses
HIPAA Enforcement by State Attorneys General
HIPAAJournal has a nice piece on HIPAA enforcement action over the years by state attorneys general. You can access it here.
More than 1,200 phishing toolkits capable of intercepting 2FA detected in the wild
Catalin Cimpanu reports: A team of academics said it found more than 1,200 phishing toolkits deployed in the wild that are capable of intercepting and allowing cybercriminals to bypass two-factor authentication (2FA) security codes. Also known as MitM (Man-in-the-Middle) phishing toolkits, these tools have become extremely popular in the cybercrime underworld in recent years after major…
Washington State Data Breaches in 2021 – Analysis
The Washington State Attorney General report on data breaches reported to their office in 2021 shows a significant increase over previous years. No surprise there, right? From the Executive Summary: 2021 set a new record for the highest number of data breach notices sent to Washingtonians (6.3 million). This represents approximately an 80% increase on…
2021 Year in Review: Data Breach and Cybersecurity Litigations
Kristin Bryan, Rafael Langer-Osuna, Jesse Taylor, and Katie Sharpless of Squire Patton Boggs write: 2021 was another year of high activity in the realm of data event and cybersecurity litigations with several noteworthy developments. CPW has been tracking these cases throughout the year. Read on for key trends and what to expect going into the…
Phishing victim can’t claim $5 million loss for money it never ‘held’
File this one under how-well-do-you-really-understand-your-cyberinsurance-policy. Barbara Grzincic reports: A commercial-crime insurance policy didn’t cover RealPage for a $5 million phishing loss because the property-management service provider never “held” any of the purloined money, a federal appeals court held. The 5th U.S. Circuit Court of Appeals affirmed a win for AIG’s National Union Fire Insurance Company…