On February 15, yours truly created an entry in the worksheet I maintain for tabulating U.S. incidents involving health data or protected health information. The entry listed “Capital Medical Center” in Washington as the breached entity, the date of disclosure as February 15, 2021, and the type of incident as a claimed ransomware attack by Avaddon…
Category: Commentaries and Analyses
District Court in Third Circuit Confirms That, When it Comes to Data Breaches, Actual Misuse Must be Alleged
Aaron C. Garavaglia of Squire Patton Boggs writes: Every federal lawsuit requires standing for the court to have subject matter jurisdiction to hear the case, and standing requires an injury-in-fact. As seen from our coverage this morning out of the Second Circuit. In Derrick McCray v. John E. Wetzel & President, No. 3:20-cv-139, 2021 U.S. Dist. LEXIS…
Is It Ethical To Buy Breached Data?
Gary Stevens writes: Research that’s done on malicious breaches of data presents a unique conundrum for the security professionals who are doing the investigating: should access to sets of breached raw data become available to public users and, if so, how? In light of the pandemic, the acceleration toward location-distributed work has the potential to…
In major ruling, 2nd Circuit says no circuit split on data breaches and standing
Alison Frankel reports: For years, I’ve been writing about a split among the federal circuits on whether data breach victims can establish a right to sue in federal court merely by showing that they are at increased risk of identity theft. Just a couple of months ago, when the 11th U.S. Circuit Court of Appeals held in…
Forget Ransomware, Microsoft Says Cryptojacking Is Our Biggest Threat
Simon Batt reports: For a while, ransomware attacks were a hacker’s and scammer’s favorite tool for extracting money from their victims. Now, Microsoft reports that ransomware has now fallen out of favor in place of another kind of attack: cryptojacking. Why Cryptojacking Took the Number One Spot On the Microsoft Security blog, the company details how the…
Mean and median ransomware payments up in Q1, but number of victims paying ransom may be decreasing
A new report from Coveware indicates that the average ransom payment increased 43% to $220,298 in Q1 of this year from $154,108 in Q4 of 2020. The median payment in Q1 also increased to $78,398 from $49,450, a 58% increase. That’s the bad news. At the same time average payment was increasing, Coveware notes that…