Elise Elam and Benjamin Wanger of BakerHostetler write: We recently wrote about North Carolina’s new law prohibiting state agencies – including public schools and universities – from paying a ransom or even communicating with a threat actor following a ransomware incident. On June 24, Florida followed suit when its governor signed HB 7055 into law, amending portions…
Category: Of Note
Atlassian: Confluence hardcoded password was leaked, patch now!
Sergiu Gatlan reports: Australian software firm Atlassian warned customers to immediately patch a critical vulnerability that provides remote attackers with hardcoded credentials to log into unpatched Confluence Server and Data Center servers. As the company revealed this week, the Questions for Confluence app (installed on over 8,000 servers) creates a disabledsystemuser account with a hardcoded password to help admins…
T-Mobile agrees to pay $350 million in data breach affecting 77 million users
IANS reports: Telecommunications company T-Mobile has agreed to pay $500 million to settle a class-action lawsuit in a 2021 data breach that impacted nearly 76.6 million users’ data in the US. T-Mobile will put $350 million into a settlement fund to go to lawyers, fees, and the affected, according to the proposed agreement filled on Friday. The company will also…
Seventh Circuit Affirms Dismissal Of Class Claims Based Upon Speculative Hacking Risk
Benjamin Cain of Covington and Burling writes: Late last week, the Seventh Circuit affirmed a trial court’s ruling granting dismissal at summary judgment of claims against FCA US LLC (“FCA,” formerly known as Chrysler) and Harman International Industries, Inc. (“Harman”) for lack of Article III standing. See Flynn v. FCA US LLC, — F. 4th —-,…
Uber enters non-prosecution agreement; admits 2016 data breach coverup
SAN FRANCISCO –Uber Technologies, Inc., has entered a non-prosecution agreement with federal prosecutors to resolve a criminal investigation into the coverup of a significant data breach suffered by the company in 2016, announced United States Attorney Stephanie M. Hinds and Federal Bureau of Investigation Special Agent in Charge Sean Ragan. As part of a non-prosecution…
Joint Statement by the United States and the United Kingdom on Data Access Agreement
The United States and United Kingdom intend to bring into force the Agreement between the Government of the United States of America and the Government of the United Kingdom of Great Britain and Northern Ireland on Access to Electronic Data for the Purpose of Countering Serious Crime (“Data Access Agreement”), which was signed in 2019,…