Zachary Dyer, Steven Imber, Justin Liby, and Jennifer Osborn Nix of Polsinelli write: The New York Department of Financial Services (“NYDFS”) recently announced that it has entered into a Consent Order with two affiliated life insurers for alleged violations of New York’s Cybersecurity Regulation (the “NY Cybersecurity Regulation”). The NYDFS conducted an investigation and determined…
Category: Of Note
UK: ICO fines transgender charity for data protection breach exposing sensitive personal data
Bigger companies may pay bigger fines, but smaller fines do not mean smaller impact when it comes to dealing with sensitive information, as in this case. The Information Commissioner’s Office (ICO) has fined transgender charity Mermaids £25,000 for failing to keep the personal data of its users secure. The ICO’s investigation began after it received a…
Digging into Decoder.re in Kaseya ransom notes– threat intel by Resecurity
Interesting #threatintel thread on Twitter this morning from Resecurity (Full disclosure: I worked with one of their team a number of years ago.). Their research findings do not seem to be up on their web site at this time, so hopefully you can access it on Twitter. The thread begins here. In light of the…
Sodinokibi hackers demand $70 mln to restore data held by companies hit in Kaseya cyberattack
Raphael Satter reports: Hackers suspected to be behind a mass extortion attack that affected hundreds of companies worldwide late on Sunday demanded $70 million to restore the data they are holding ransom, according to a posting on a dark web site. The demand was posted on a blog typically used by the REvil cybercrime gang,…
Canadian non-profit hit by malware gets help — from the threat actor
Good Shepherd Centres in Canada recently disclosed a breach involving protected health information that occurred on September, 27, 2020. On June 29, Good Shepherd posted a statement that explains that it had been the victim of an attempt to shut down its systems, but that the attacker(s) “quickly facilitated restoration after realizing that Good Shepherd…
Japan’s “K” Line Apologizes for Second Cyberattack in Months
The Maritime Executive reports: Japanese shipping company Kawasaki Kisen Kaisha, known as “K” Line issued a brief statement today confirming that its computer systems have once again been breached with “unauthorized access to overseas subsidiary systems.” One of Japan’s oldest and largest shipping companies, with a fleet of more than 400 ships, “K” Line had…