AnnaMaria Andriotis reports: Hackers in the Equifax Inc. breach accessed more of consumers’ personal information than the company disclosed publicly last year. Equifax said, in a document submitted to the Senate Banking Committee and reviewed by The Wall Street Journal, that cyberthieves accessed records across numerous tables in its systems that included such data as…
Category: Of Note
CFAA “Unauthorized Access” Web Scraping Claim against Ticket Broker Dismissed Because Revocation of Access Not Expressed in Cease and Desist Letter
Jeffrey D. Neuberger of Proskauer Rose writes: A California district court issued an important opinion in a dispute between a ticket sales platform and a ticket broker that employed automated bots to purchase tickets in bulk. (Ticketmaster L.L.C. v. Prestige Entertainment, Inc., No. 17-07232 (C.D. Cal. Jan. 31, 2018)). For those of us who have…
FBI Private Industry Notification warns schools about TheDarkOverlord
On January 31, 2018, the FBI released a Private Industry Notification (PIN) warning schools about the hacker(s) known as TheDarkOverlord. The information in the PIN was provided by the FBI and the Department of Education’s Office of the Inspector General, and it appears to be an expanded version of a prior alert to schools issued by…
What to Know About ED’s New Stance On Data Breach Reporting
Sean Tassi reports: Until recently, colleges and universities that experienced a data breach had no unique reporting obligations to the U.S. Department of Education. Institutions were expected to analyze security incidents under applicable federal and state laws and, when appropriate, notify affected individuals and appropriate federal and state agencies. Because the Family Educational Rights and…
IL: Reinstated school district IT Director sues school board over breach response
In May, 2016, this site noted a breach report from Abingdon-Avon School District in Illinois. One month later, we noted a news report that their IT Director, identified at the time as Mark Rodgers (sic), had been arrested, although it wasn’t clear if the felony eavesdropping charges were directly related to the breach. Not reported…
Thirty-six Defendants Indicted for Alleged Roles in Transnational Criminal Organization Responsible for More than $530 Million in Losses from Cybercrimes
A federal indictment was unsealed today charging 36 individuals for their alleged roles in the Infraud Organization, an Internet-based cybercriminal enterprise engaged in the large-scale acquisition, sale, and dissemination of stolen identities, compromised debit and credit cards, personally identifiable information, financial and banking information, computer malware, and other contraband. Following the return of a nine-count…