From Bloomberg Law: A Virginia health-care system will have to answer claims that it is liable for its employees’ snooping into a patient’s confidential health information. A Virginia trial court shouldn’t have dismissed Lindsey Parker’s complaint alleging Carilion Healthcare Corp. and Carilion Clinic should be held liable for their employees’ wrongdoing, the Virginia Supreme Court…
Category: Of Note
Litigation Options For Post-Cyberattack ‘Active Defense’
Alexander Berengaut and Tarek Austin of Covington & Burling write: In March 2017, Rep. Tom Graves, R-Ga., introduced a draft bill titled the Active Cyber Defense Certainty Act. The bill would amend the Computer Fraud and Abuse Act to enable victims of cyberattacks to employ “limited defensive measures that exceed the boundaries of one’s network…
Canadian Regulator Issues Final Guidance on New Data Breach Reporting Requirements
Hunton writes: On October 29, 2018, the Office of the Privacy Commissioner of Canada (the “OPC”) released final guidance (“Final Guidance”) regarding how businesses may satisfy the reporting and record-keeping obligations under Canada’s new data breach reporting law. The law, effective November 1, 2018, requires organizations subject to the federal Personal Information Protection and Electronic…
GandCrab ransomware crew loses $1Mil after Bitdefender releases free decrypter
Score one for the good guys. Catalin Cimpanu reports: Bitdefender believes the criminal group behind the GandCrab ransomware has lost an estimated $1 million in ransom payments after the company released a free decryption utility for GandCrab victims last week. The Romanian antivirus maker says that at least 1,700 GandCrab victims were able to successfully…
Mirai Co-Author Gets 6 Months Confinement, $8.6M in Fines for Rutgers Attacks
Brian Krebs reports: The convicted co-author of the highly disruptive Mirai botnet malware strain has been sentenced to 2,500 hours of community service, six months home confinement, and ordered to pay $8.6 million in restitution for repeatedly using Mirai to take down Internet services at Rutgers University, his former alma mater. Paras Jha, a 22-year-old computer…
Privacy Commissioner Expresses Serious Concern on Cathay Pacific Airways Data Breach Incident
The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Mr Stephen Kai-yi WONG, expressed serious concern over the Cathay Pacific Airways data breach incident, noting that the incident might involve a vast amount of personal data (such as name, date of birth, passport number, Hong Kong Identity Card number, credit card number, etc) of…