Catalin Cimpanu reports: The operators of the Ryuk ransomware are believed to have earned more than $150 million worth of Bitcoin from ransom payments following intrusions at companies all over the world. In a joint report published today, threat intel company Advanced Intelligence and cybersecurity firm HYAS said they tracked payments to 61 Bitcoin addresses previously attributed…
Category: Commentaries and Analyses
Post-Brexit Personal Data Breach Reporting – An End to the ICO’s Role as One-Stop-Shop Lead Supervisory Authority
Ffion Flockhart (UK) and Steven Hadwin (UK) write: The end of the Brexit implementation period on 31 December 2020 has brought with it significant changes to the data protection landscape for UK-based businesses. Amid headlines about data transfer issues and a potential adequacy decision for the UK in the coming months, businesses also need to…
Data Analytics Company Settles with FTC Over Alleged Data Security Violations
Sheila A. Millar and Tracy P. Marshall of Keller & Heckman write: Third-party service providers are vital to many companies and they handle a wide range of business activities essential for companies to deliver their own offerings. But a company is not adequately protecting consumers if it fails to perform proper due diligence on service…
DHS Warns That American Businesses Face Ongoing Data Theft Threat From Vendors in China
Scott Ikeda reports: The Department of Homeland Security (DHS) has issued a broad warning to all American businesses about potential data theft by partners in China that have connections to the government. The advisory outlines “PRC legal regimes and known PRC data collection practices” that could present a risk to any organization not based in the…
Privacy Litigation 2020 Year in Review: Data Breach Litigation
Nancy R. Thomas, Zachary Maldonado, and Ani Oganesian of Morrison Foerster write: Add a 270% increase in data breaches to the long list of unprecedented challenges in 2020. Cybersecurity is on the short list of major risks facing companies. And when a security incident happens, class actions often follow. Although data breach class actions are…
Don’t dox yourself by tweeting about data breaches
I am posting this because, sadly, it seems that some people DO need to read this, although most of them probably are not readers of my site. Ben Dickson cites reactions to the recent disclosure of the NetGalley breach to highlight errors users may make in discussing the breach on social media: And in their…