Imagine having a law on your side that actually helps you in the event your bank account is hacked or your funds are stolen by scammers, but the bank never tells you that you are protected by that law, and worse, does not comply with it. According to NYS Attorney General Letitia James, that’s pretty…
Category: Commentaries and Analyses
Ransomware payments drop to record low as victims refuse to pay
Bill Toulas reports: The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware. This trend became apparent in mid-2021 when the payment rate dropped to 46% after previously being 85% at the start of 2019. According to Coveware, the…
Facebook suffers big loss in lawsuit against data-scraping company
Jon Brodkin reports: One year after Meta sued a data-scraping company, a federal judge this week threw out Meta’s breach-of-contract claim because the defendant obtained only public data from Facebook and Instagram. Meta sued Bright Data in January 2023, making claims of breach of contract and tortious interference with contract. Bright Data is an Israeli company that collects data…
NYS Comptroller Audit: Garrison Union Free School District – Information Technology (2023M-127)
Issued Date: January 19, 2024 [read complete report – pdf] Audit Objective Determine whether Garrison Union Free School District (District) officials secured the District’s network user accounts, established physical controls and maintained inventory records for information technology (IT) equipment, and developed an IT contingency plan. Key Findings District officials did not adequately secure the District’s…
Looking Ahead to the FTC’s Implementation of the Data Breach Notification Rule for Nonbanking Financial Institutions
Alexander Boyd , Colin H. Black of Polsinelli PC write: Beginning on May 13, 2024, nonbanking “financial institutions” must notify the Federal Trade Commission (“FTC”) within 30 days of discovering a data breach involving the nonpublic personal information of at least 500 consumers. These covered organizations can include a wide variety of companies that engage…
Zero-day, supply-chain attacks drove data breach high for 2023
CSO reports: Zero-day exploits, supply chain attacks fuel 72% increase over previous record for incidents of compromise. Another increase is expected for 2024. A new record for data breaches reported to the Identity Theft Resource Center (ITRC) was set in 2023, spurred by zero-day and supply chain attacks, according to the organization’s annual data breach report released Thursday. The report…