Jonathan Stempel reports: Yahoo has struck a revised $117.5 million settlement with millions of people whose email addresses and other personal information were stolen in the largest data breach in history. The proposed class-action settlement made public on Tuesday was designed to address criticisms of U.S. District Judge Lucy Koh in San Jose, California. She…
Category: Of Note
Zain Qaiser: Student jailed for blackmailing porn users worldwide
Dominic Cacsiani reports: A student who made hundreds of thousands of pounds blackmailing pornography website users with cyber attacks has been jailed. Zain Qaiser from Barking, London, used his programming skills to scam visitors to pornography sites around the world. Investigators have discovered about £700,000 of his profits – but his network may have made…
BakerHostetler’s 5th Annual Data Security Incident Response Report Highlights Collision of Privacy, Cybersecurity and Compliance; Details Efforts to Minimize Risk
A press release from BakerHostetler that will be of interest to many readers. BakerHostetler’s privacy and data protection team released its 2019 Data Security Incident Response Report, which leverages the metrics and insights drawn from 750 potential incidents in 2018 to help entities identify and prioritize the measures necessary to address their digital risk posture….
AU: ASD confirms data stolen in Parliament IT breach
Justin Hendry reports: Australian Signals Directorate chief Mike Burgess has confirmed data was stolen by a state-sponsored actor during February’s malicious attack against Parliament House. In what appears to be the first public admission of the data exfiltration, Burgess told senate estimates last week that a limited amount of non-confidential data had made its way…
Pick-Six: Intercepting a FIN6 Intrusion, an Actor Recently Tied to Ryuk and LockerGoga Ransomware
From a recent report by Brendan McKeague, Van Ta, Ben Fedore, Geoff Ackerman, Alex Pennino, Andrew Thompson, Douglas Bienstock of FireEye: Recently, FireEye Managed Defense detected and responded to a FIN6 intrusion at a customer within the engineering industry, which seemed out of character due to FIN6’s historical targeting of payment card data. The intent…
B.C. privacy czar urges fast reporting of security breaches
Louise Dickson and Lindsay Kines report: In the wake of a privacy breach at the B.C. Pension Corporation, B.C.’s privacy commissioner is once again calling on the provincial government to compel public and private bodies to report privacy breaches to his office within days of discovery. Michael McEvoy said the case clearly demonstrates why B.C….