A.J. S. Dhaliwal, Mehul N. Madia, and Beineng Zhang of SheppardMullin write: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated…
Category: Of Note
FBI IC3, Verizon DBIR, Google M-Trends reports are out—here’s the conclusions!
Catalin Cimpanu writes: There are a handful of seminal reports in the cybersecurity industry, and lo and behold, three of them were released on Wednesday. Mandiant’s team, now part of Google Cloud, released M-Trends, Verizon released its Data Breach Investigations Report (aka DBIR), and the FBI Internet Crime Complaint Center (IC3) released its yearly Internet Crime Report [PDF]. All…
ELENOR-corp Ransomware: A New Mimic Ransomware Variant Attacking the Healthcare Sector
Michael Gorelik of Morphisec writes: Morphisec recently investigated an incident involving a new variant of one of the most aggressive ransomware families: Mimic version 7.5. First observed in 2022, Mimic remains relatively underreported in the public domain, aside from a detailed analysis of Mimic version 6.3 that was previously published by Cyfirma and Kaspersky. Target Audience: This threat analysis…
DOGE Sued Over Record Keeping, Failing to Reply to FOIA Requests
If breaches or insider wrongdoing by DOGE employees are suspected, DOGE’s alleged failure to maintain and make transparent required records makes investigation nearly impossible or actually impossible. Mallory Culhane reports: The Department of Government Efficiency and top Trump administration officials are being sued over the agency’s alleged violations of federal record-keeping and transparency laws. DOGE…
High court upholds damages in ICBC privacy breach that resulted in shootings, arson
Long-time readers may recall a truly frightening insider breach at the Insurance Corporation of British Columbia (ICBC) that resulted in cases of arson and people being shot at. The breach was first disclosed in 2011. An employee had reportedly accessed personal information on 65 people. We would later learn that Candy Elaine Rheaume had accessed…
Former U.S. Army Intelligence Analyst Sentenced for Selling Sensitive Military Information to Individual Tied to Chinese Government
A press release from the DOJ: A former U.S. Army intelligence analyst was sentenced today to 84 months in prison for conspiring to collect and transmit national defense information, including sensitive, non-public U.S. military information, to an individual he believed was affiliated with the Chinese government. Korbein Schultz, 25, of Wills Point, Texas, pleaded guilty in August…