Megan Hickey reports that there is finally a notification letter, of sorts, to parents about a network breach in November. In April, Indiana media had been reporting that the parents and community still had not been told what had happened. After a massive network breach temporarily closed schools in Crown Point, Indiana last fall, we are finally…
Category: Commentaries and Analyses
Proposed Second Amendment to NYDFS Cybersecurity Regulations: Comments Due August 14
Micaela McMurrough and Caleb Skeath of Covington & Burling write: Following up on the recent release by the New York Department of Financial Services (“NYDFS”) of an updated proposed second amendment to its “first-in-the-nation” Cybersecurity Regulation, 23 NYCRR Part 500 (proposed second amendment released June 28, 2023), it is not too late for companies to submit comments…
The plaintiffs have standing to sue — court. No, they don’t — appeals court.
Here’s yet one more case to note about standing and how cases may get dismissed before they even really get started. This case involved Syracuse ASC, LLC. In 2021, they experienced a cyberattack and notified 24,891 patients. A copy of their notification was posted to the Vermont Attorney General’s website at the time. In due…
Cyber attack on Montclair Township led to $450K ransom payment
Talia Weiner reports: The Township of Montclair’s insurer negotiated a settlement of $450,000 with the people behind a recent “cyber incident” in order to end the attack, a report says. […] “To guard against future incidents, the township has installed the most sophisticated dual authentication system available to its own system and it is currently…
Coverage Challenges in Ransomware Claims: Cyber Insurance Policies and Trends in Denials
Mark Rasch of Korhman Jackson & Krantz writes: A consistent pattern emerges in data breach and cyber-attack cases when companies turn to their insurers for coverage after such incidents. Whether they possess specialized cyber insurance or not, insurers often decline claims, citing various reasons such as failure to provide timely notice, failure to mitigate costs,…
MHMR Authority of Brazos Valley provides notice of ransomware attack last November (1)
On December 22, 2022 DataBreaches added MHMR Authority of Brazos Valley to our non-public breach worksheet. Based on information at that time from Hive threat actors, it appeared that the non-profit Texas mental health and substance abuse treatment provider’s files had been locked on November 5. Their listing on Hive’s leak site was a sure…