Charlie Osborne reports: Security researchers have provided insight into how a single student unwittingly became the conduit for a ransomware infection that cost a biomolecular institute a weeks’ worth of vital research. In a report due to be published on Thursday, Sophos described the case, in which the team was pulled in to neutralize an active cyberattack…
Category: Commentaries and Analyses
China Issues Second Version of the Draft Personal Information Protection Law for Public Comments
Hunton Andrews Kurth writes: On April 29, 2021, China issued a second version of the draft Personal Information Protection Law (“Draft PIPL”). The Draft PIPL will be open for public comments until May 28, 2021. While the framework of this version of the Draft PIPL is the same as the prior version issued on October 21, 2020,…
Scraping Episodes Highlight Debate Over Anti-Hacking Law’s Scope
Andrea Vittorio reports: Recent data scraping incidents at Facebook Inc. and LinkedIn Corp. highlight an ongoing debate over whether companies can invoke an anti-hacking law to restrict rivals or other actors from harvesting information from people’s online profiles. The issue could reach the U.S. Supreme Court, in a case over a data-scraping dispute between LinkedIn and workforce…
Exclusive: What Happened? A dispute between NightLion Security and Astoria Company Escalates
A DataBreaches.net exclusive: It is not uncommon for a firm to deny allegations that they have been breached. It is not uncommon for a firm to acknowledge that there has been a breach but claim that it is not as dramatic as a researcher might claim. And it is not uncommon for researchers to receive…
Worldwide phishing attacks deliver three new malware strains
Sergiu Gatlan reports: A global-scale phishing campaign targeted worldwide organizations across an extensive array of industries with never-before-seen malware strains delivered via specially-tailored lures. The attacks hit at least 50 orgs from a wide variety of industries in two waves, on December 2nd and between December 11th and 18th, according to a Mandiant report published today. UNC2529,…
Circuit Split No More: 2nd Circuit Clarifies Article III Standing in Data Breach Cases
Lissette C. Payne of Bradley writes: While more states push forward on new privacy legislation statutorily granting consumers the right to litigate control of their personal information, federal courts continue to ponder how data breach injury fits traditional standing requirements. Previous to McMorris v. Carlos Lopez, McMorris v. Carlos Lopez & Assocs., LLC, many have argued there was a circuit split…