We anticipated a lot of lawsuits would be filed under California’s new law, the California Consumer Privacy Act (CCPA), as it imposes a data security duty on organizations. But will any of the complaints filed withstand early motions to dismiss? The CCPA requires complainants to give the organization 30 days to “cure” a violation and…
Category: Commentaries and Analyses
Ransomware victims keep paying, and ransomware groups keep growing
Graham Cluley writes: The City of Florence in northern Alabama has agreed to pay a ransom of US $300,000 worth of Bitcoin to hackers who compromised its computer systems and deployed ransomware. At an emergency meeting this week, the Florence City Council unanimously voted to give in to the extortionists’ demands and pay the cybercriminals…
12,000+ Indian blood donors’ PII and passwords leaked
CloudSEK reports: CloudSEK has discovered a data leak that contains sensitive information of 12,472 blood donors registered on http://www.indianblooddonors.com/index.php. Indian Blood Donors is an organization that maintains a free database of blood donors. They also have an app, which matches recipients with the nearest donor, based on blood type. Discovery of the leak A CloudSEK researcher discovered…
Cybereason’s Newest Honeypot Shows How Multistage Ransomware Attacks Should Have Critical Infrastructure Providers on High Alert
Israel Barak reports on some research by Cybereason that is not really surprising in its results, but is still a bit scary. The firm set up a honeypot to look like an electric company with operations in North America and Europe. Within days, attackers had found it and started attacking it. From their overview: Cybereason…
Italian company exposed as a front for malware operations
Catalin Cimpanu reports: For the past four years, an Italian company has operated a seemingly legitimate website and business, offering to provide binary protection against reverse engineering for Windows applications, but has secretly advertised and provided its service to malware gangs. The company’s secret business came to light after security researchers from Check Point began…
Columbia College Chicago should have shared data breach information sooner, experts say
Kendall Polidori and Mari Devereaux report: Eight days after the school fell victim to an attack by NetWalker, a group of data hackers, Columbia officials sent a collegewide email stating the college is “working diligently around the clock with outside professionals and law enforcement to protect its student community and employees.” The email said individuals…