DataBreaches.net recently reported that Apex Laboratory Inc. had apparently been attacked by DoppelPaymer ransomware threat actors. Apex was added to their leak site on December 15. As proof of claims, the threat actors uploaded approximately 10,000 files containing protected health information of patients (PHI) and personally identifiable information of employees (PII). The 10,000 estimate is…
Category: Of Note
Ticketmaster Pays $10 Million Criminal Fine for Intrusions into Competitor’s Computer Systems
Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business Earlier today in federal court in Brooklyn, Ticketmaster L.L.C. (Ticketmaster or the Company) agreed to pay a $10 million fine to resolve charges that it repeatedly accessed without authorization the computer…
Data Breach Litigation Without a Data Breach? Not So Fast Walmart Says…
Lydia de la Torre and Raisa Dyadkina of Squire Patton Boggs write: The Lavarious Gardiner v. Walmart Inc. et al. case is anything but typical. As a re-cap, back in July 2020, plaintiff filed a class action complaint against Walmart alleging that Walmart suffered a data breach which they never disclosed. As evidence of the breach,…
EXCLUSIVE: Conti describes how they attacked Leon Medical Centers; shows DataBreaches.net almost 2 million patient-related files
I’ve always resisted any urge to write a “worst breaches of the year” piece at the beginning of December because I just know that if I do, there’s going to be something that would be on my “worst” list if only I had waited a few weeks. The Conti ransomware attack on Leon Medical Centers…
China settles over 3,100 personal data breach cases in 2020
Xinhua reports: China’s public security agencies investigated and settled more than 3,100 criminal cases involving personal information breaches this year, with more than 9,700 suspects arrested, according to the Ministry of Public Security. By Dec 20, police across the country had dismantled more than 40 criminal gangs and arrested more than 860 suspects in 50…
FTC Announces Enforcement for Inadequate Third Party Risk Management Practices Under the GLBA’s Safeguards Rule
Hunton Andrews Kurth writes: On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company (“Ascension”), to resolve allegations that the company failed to ensure one of its vendors was adequately securing personal information of mortgage holders. The FTC alleged that Ascension’s vendor, OpticsML,…