Coveware’s Q1 report for 2023: Midway through Q1 the winds of progress shifted, and we observed a material increase in attacks on large enterprises that achieved levels of impact that we had not observed since before the Colonial Pipeline attack in May 2021. In 2019 and 2020 it was fairly common to see large enterprises…
Category: Of Note
New York AG Releases Guide for Businesses on Effective Data Security
Damon W. Silver of JacksonLewis writes: As noted in a prior post, New York’s Attorney General (“NYAG”) has made enforcement of the New York SHIELD Act an enforcement priority. The SHIELD Act requires organizations handling personal information related to New York residents to maintain reasonable safeguards to protect that information. Maintaining its focus on this area, the NYAG…
NHS launches probe after five-year-old takes records of 150 patients to school to use as ‘drawing paper’
Shaun Wooller reports: The NHS has launched a probe after a pupil took printed records containing details of 150 patients to school to use as drawing paper. Bedfordshire Hospitals Foundation Trust confirmed it is investigating how the child got hold of the personal documents. However, it refused to say if any of the pupil’s relatives worked for…
Uber’s former Chief Security Officer sentenced to three years probation for covering up massive data breach
SAN FRANCISCO – Joseph Sullivan was sentenced to serve a three-year term of probation and ordered to pay a fine of $50,000, announced First Assistant United States Attorney Stephanie M. Hinds and FBI San Francisco Special Agent in Charge Robert K. Tripp. The sentence was handed down by the Hon. William H. Orrick, United States…
Brightline continues notifying clients of GoAnywhere incident; count continues to rise (more than 1 million)
Updated May 3: When DataBreaches checked Clop’s leak site today, the listing for Brightline was gone. Whether this means that they paid Clop to get it removed, or if its removal is just temporary remains to be seen. But out of all the health-related Fortra clients this site reported on in April, the Brightline listing…
Merck entitled to $1.4B in cyberattack case after appeals court rejects insurers’ ‘warlike action’ claim
Angus Liu reports: Merck may finally be entitled to a hefty insurance payout from the high-profile NotPetya cyberattack—if an appeals court ruling stands. A New Jersey appellate court on Monday ruled that a group of insurers can’t use war as an argument to deny Merck coverage from the notorious cyberattack that afflicted the company and others…