Kelly Sheridan reports: A dataset containing more than 200 million lines of Japanese personally identifiable information (PII) has been found on the Chinese underground market, researchers report. It’s believed the data is authentic and was exfiltrated from multiple Japanese website databases. Experts at FireEye iSIGHT Intelligence first noticed the actor advertising the dataset in December…
Category: Of Note
South Carolina Enacts First Insurance Data Security Act
Edward J. McAndrew of Ballard Spahr LLP writes: South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 14, 2018. The Act…
EPIC to DC Circuit: Informational Privacy is a Constitutional Right
From EPIC: EPIC has filed a “friend of the court” brief, joined by forty-four technical experts and legal scholars (members of the EPIC Advisory Board), in the OPM Data Breachcase. The case concerns the data breach at the US Office of Personnel and Management in 2015 that affected 22 million federal employees, their friends, and…
Two Members of Syrian Electronic Army Indicted for Conspiracy
May 17 – ALEXANDRIA, Va. – A federal grand jury returned an 11-count indictment today charging two Syrian men with offenses relating to their participation in a conspiracy to engage in computer hacking as members of the “Syrian Electronic Army” or “SEA.” Ahmad ‘Umar Agha, who is known online as the “The Pro,” and Firas Dardar,…
Cyber-Criminal Residing in Latvia Convicted for Role in Operation of Counter Antivirus Service “Scan4you”
May 16 – A federal jury today convicted a Latvian “non-citizen,” meaning a citizen of the former USSR who had been residing in Riga, Latvia, of three counts related to his operation of “Scan4you,” an online counter antivirus service that helped computer hackers to determine whether the computer viruses and other malicious software they created would…
UK: Crown Prosecution Service fined £325,000 after losing victim interview videos
How many monetary penalties will it take before the Crown Prosecution Service gets its data protection act together and does a reasonable job of protecting victim-related information?This is the second monetary penalty they’ve been hit with in the past few years: The Crown Prosecution Service (CPS) has been fined £325,000 by the ICO after they…