Peter Hayes reports: Orrick, Herrington & Sutcliffe LLP will pay $8 million to settle consolidated class action claims over a data breach that impacted approximately 461,100 people. Class counsel asked the US District Court for the Northern District of California to approve the settlement in an unopposed motion filed Thursday. The agreement also calls for an award of…
Category: Hack
Judge: Clark County schools may have immunity in lawsuit over 2023 cybersecurity breach
There’s an update to litigation against Clark County schools stemming from an attack by SingularityMD last year. Rocio Hernandez reports: A Clark County judge said she’s leaning toward granting the Clark County School District’s (CCSD) motion to dismiss a class action lawsuit filed on behalf of parents whose children’s data was leaked in a 2023 cyberattack, but…
One year after breach, CCM Health notifies almost 29,000 patients
CCM Health in Minnesota provides health services through public hospitals and healthcare facilities. In a notification letter dated March 12, 2024, they informed patients that protected health information (PHI) may have been accessed and exfiltrated during an attack that occurred between April 3 – April 10, 2023. They do not reveal when or how they…
On Q Financial announces data breach, law firm feeding frenzy follows
On April 2, Arizona-based On Q Financial notified the Maine Attorney General’s Office of a breach the mortgage lender experienced. Within days, law firms announced investigations into the breach and sought potential class action members. Was there anything particularly unique that would trigger a legal feeding frenzy? No. But On Q Financial holds financial data…
Florida Department of Juvenile Justice computer network hacked
Vivienne Serret reports: Hackers broke into the computer network of the Florida Department of Juvenile Justice in Tallahassee, which runs the state’s juvenile detention centers and programs to steer troubled kids away from crime. It led to a continuing shutdown of the digital backbone the agency uses to manage cases statewide. The department took offline…
Threat actors walked away from a $1.8 million offer because the victim talked to the media?! (1)
A recent listing on LockBit’s leak site about Crinetics Pharmaceuticals seemed unusual. It included a disclaimer: “Those responsible for the exfiltration of data belonging to this victim have no association, indirect or direct, with the Lockbit group.” If those who exfiltrated the data had no association with LockBit, why was the listing on LockBit’s site?…