Craig A. Newman writes: In a consequential test of the Federal Trade Commission’s authority as a data security regulator, the U.S. Court of Appeals for the Eleventh Circuit will hear argument tomorrow in a case that will determine whether the agency must show a concrete consumer injury as an element of an enforcement action, just…
Category: Of Note
Larson Studios Breaks Silence about TheDarkOverlord hack and extortion (UPDATED)
In an intriguing follow-up to a case I reported in April concerning a hack-extortion incident involving TheDarkOverlord, Janko Roettgers reports that Larson Studios actually paid TheDarkOverlord’s 50 BTC demand. That alone would be surprising and newsworthy (there had been no payments made to the BTC wallet address given in the extortion contract), but Roettgers also…
Oral Argument in LabMD Case to Test FTC’s Enforcement Authority
Jimmy H. Koo reports: The Federal Trade Commission will have an opportunity to justify its data security enforcement authority when oral argument in LabMD Inc. v. FTC starts June 21 before the U.S. Court of Appeals for the Eleventh Circuit, attorneys told Bloomberg BNA. One of the critical issues likely to emerge in the case…
South Korean Web Hosting Provider Pays $1 Million to Erebus Ransomware Attackers
Ionut Arghire reports: South Korean web hosting company Nayana agreed to pay $1 million in Bitcoin after a ransomware attack hit 153 Linux servers. The attack took place June 10 and resulted in over 3,400 business websites the company hosts being encrypted. According to the Nayana’s initial announcement, the attacker demanded 550 Bitcoins (over $1.6…
Medical records stolen from old nursing home; no one takes responsibility????
Barb Ickes reports: What no doubt will come as a shock to some is no surprise to others. An East Moline parent called last week and told about discovering two sets of strangers’ medical records in her daughter’s belongings. The documents included lists of medications, doctors’ notes, diagnoses and other personal information, including Social Security…
The messy, messy month of May
Compiling data for Protenus, Inc.’s breach barometer should be relatively routine and straight-forward. In May, however, it wasn’t. Here’s a rundown on the factors that complicated our analyses: Investigating patient data put up for sale on the dark web. Determining whether the breaches were legitimate or fake turned out to be headache-inducing, as the following scenarios…