Dustin Volz reports: Federal prosecutors are expected to unseal criminal charges as soon as next week against hackers linked to the Chinese government who have allegedly engaged in a sophisticated multiyear scheme to break into U.S. technology service providers in order to compromise the networks of their clients, according to people familiar with the matter….
Category: Commentaries and Analyses
Cyber-espionage group uses Chrome extension to infect victims
Catalin Cimpanu reports: In what appears to be a first on the cyber-espionage scene, a nation-state-backed hacking group has used a Google Chrome extension to infect victims and steal passwords and cookies from their browsers. This is the first time an APT (Advanced Persistent Threat –an industry term for nation-state hacking groups) has been seen…
SD Calif. Dismisses Data Security Breach Class Action Against Mortgage Company
Christopher P. Hahn. writes: The U.S. District Court for the Southern District of California recently dismissed a consumer’s putative class action lawsuit against a mortgage lending and servicing company for purported damages sustained as a result of a security breach wherein his personal information was compromised, and the hackers attempted to open credit cards in…
The US Leans on Private Firms to Expose Foreign Hackers
William G. Rich reports: When the Democratic National Committee realized they had been hacked in April 2016, they turned to experts from a private company: the cybersecurity firm CrowdStrike. Within a day, the company had identified two Russian state-sponsored hacking groups inside the DNC network. Within a few weeks, it publicly explained its analysis in a…
Allergy practice pays $125,000 to settle doctor’s disclosure of patient information to a reporter
From HHS, this enforcement action press release: Allergy Associates of Hartford, P.C. (Allergy Associates), has agreed to pay $125,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to adopt a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act…
Belgian Data Protection Authority reports jump in data breach notifications
Telecompaper reports: The Belgian Data Protection Authority reported a sharp increase in the number of data breaches reported to the regulator since the EU’s General Data Protection Regulation took effect in May, at 317 compared to 13 in 2017. The health, insurance, government, telecom and financial sectors were the top sources of the notifications. The…