I know the arguments against holding covered entities for auditing and monitoring their business associates periodically for compliance with any contracts, but when you don’t hold covered entities really accountable for checking that their vendors or business associates are living up to their contracts, stuff like this happens. And it can go on for years….
Category: Of Note
Data from Nigerian and Kenyan universities compromised after unis fail to act upon whitehat’s notifications
Emanuel Paul reports: …Techpoint can confirm that the websites and databases of two Nigerian universities — Ahmadu Bello University (ABU), Zaria and the University of Benin (UNIBEN), Benin City — and Mount Kenya University, Thika, Kenya are porous, vulnerable and in urgent need of attention. Also, these data which include admission lists, course registration details, and…
One down: Nathan Wyatt of thedarkoverlord agrees to plead guilty
A U.K. man extradited to the U.S. in December to stand trial for his role in thedarkoverlord (TDO) has agreed to plea guilty to resolve all charges against him. Nathan Francis Wyatt, also known as “Crafty Cockney,” has agreed to plead guilty to charges stemming from his role in some of thedarkoverlord’s attacks on entities…
Capital One Must Turn Over Mandiant’s Forensics Report
Jeremy Kirk reports: Capital One has been ordered by a federal judge to turn over the results of a digital forensics investigation into its 2019 data breach, which has been sought by plaintiffs in a class-action lawsuit. The report could provide further insight into what went wrong in one of the most significant breaches of…
Vermont Updates its Data Breach Notification Law
Joseph J. Lazzarotti, Jason C. Gavejian, Mary T. Costigan and Maya Atrakchi of JacksonLewis write: As the COVID-19 pandemic presses on, privacy and security matters continue to be at the forefront for federal and state legislature. We recently reported that Washington D.C. updated its data breach notification law. Now, the Vermont legislature also amended its data breach…
U.S. Accuses Russian Military Hackers of Attack on Email Servers
Julian E. Barnes and David E. Sanger report: The National Security Agency publicly accused Russian government hackers of targeting email servers around the world in an unusual announcement on Thursday, showing that the agency is becoming more aggressive in calling out Moscow’s action as the presidential election approaches. While the Trump administration has publicly attributed…