Melissa D. Berry reports: Stealing Medicare beneficiary identification numbers has become the latest goal for cybercriminals who see this data as even more valuable than stolen credit cards. A South Florida man pled guilty in federal court in late-January to “conspiring to buy and sell more than 2.6 million Medicare beneficiary identification numbers” and other…
Category: Of Note
FTC Publishes Blog Post on Data Security Practices for Complex Systems
Caleb Skeath, Shayan Karbassi, and Ashden Fein of Covington & Burling write: In February, the Federal Trade Commission (“FTC”) published a blog post that elucidated key security principles from recent FTC data security and privacy orders. Specifically, the FTC highlighted three practices that the Commission regards as “effectively protect[ing] user data.” These practices include: (1) offering multi-factor…
CISA Advisory: Royal Ransomware
Release Date: March 02, 2023 Alert Code: AA23-061A SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations…
Za: Businessman convicted of Experian data breach skips sentencing, court issues warrant for his arrest
Jeanette Chabalala reports: A man who was convicted of fraudulently obtaining the personal data of millions of South Africans is a wanted man after he skipped his sentencing. Karabo Phungula failed to appear in the Specialised Commercial Crimes Court, sitting in the Palm Ridge Magistrate’s Court, for his sentencing on Wednesday. It was the second…
Little Rock school district seeks cyberattack disclosure guidance
Arkansas Online reports: The Little Rock School District is continuing to seek an attorney general’s opinion on the legality of holding private school board meetings when reacting to a cyber- or ransomware attack on a district’s electronic information systems. Little Rock Superintendent Jermall Wright sent a lengthy letter in January to the attorney general’s office…
Supreme Court Hears Healthcare Identity Theft Case
Marianne Kolbasuk McGee reports: Justices on the U.S. Supreme Court seem ready to restrict federal prosecutors’ use of a federal law criminalizing identity theft after hearing a case challenging its application in a Medicaid fraud case. Traditional identity theft involving appropriation of personal information for criminal ends, such as obtaining fraudulent prescriptions or submitting fake…