Some state and federal laws provide specific timeframes by which breached entities must provide notice to regulators and to those affected by a data breach. Unfortunately, loopholes abound, as we seen in statutory language such as Minnesota’s breach notification law, where for timing of notification, it says: “The disclosure must be made in the most…
Category: Commentaries and Analyses
Coca-Cola FEMSA victim of ransomware attack and data leak
Coca-Cola FEMSA is the bottler of Coca-Cola and its related soft drink products in much of Latin America, which makes it an important part of the Coca-Cola system. This week, a threat actor known to DataBreaches as “TheSnake” and as the person who had also hacked a Brazilian clinic, leaked some data from Coca-Cola FEMSA…
Schneck Medical Center settles Indiana Attorney General’s lawsuit over 2021 data breach
Jackson County Schneck Memorial Hospital (Schneck Medical Center) was a victim of a cyberattack in 2021. Its 2021 and 2022 disclosures about the breach and its lack of timely breach notification resulted in a potential class action lawsuit filed in 2022. Its lack of appropriate and timely disclosures and information patients needed to protect themselves…
Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach
Uh oh. Brian Krebs reports: In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts…
“i know it hurts your little dick seeing a true hacker like me in a crowd full of skids and sheep,” said a man with no knowledge of anatomy
After the arrest of Breached.vc’s owner “Pompompurin” in March, Breached.vc was taken offline by an administrator because it seemed likely the server had been compromised by law enforcement. Months later, the domain was seized by law enforcement. The arrest of Pompompurin and shuttering of the popular hacking forum left a void for those looking to…
The Government Isn’t Sure How to Get Small Hospitals to Take Cybersecurity Seriously
Eric Geller reports: The U.S. government is struggling to convince hospitals that they need to spend time and money fighting hackers and provide useful advice to them, a problem that could have lethal consequences as the country’s ransomware crisis rages on. “I don’t think we’ve figured out how to talk to the small and medium-sized…