Hunton Andrews Kurth writes: On March 19, 2024, Utah’s Governor Spencer J. Cox signed Senate Bill (SB) 98 (the “Bill”), Online Data Security and Privacy Amendments, into law. The Bill amends the Protection of Personal Information Act (§13-44-101 et seq) and the Utah Technology Governance Act in the Utah Government Operations Code (§63A-16-1101 et seq). The Utah Technology Governance…
Category: Of Note
Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure
WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), a Wuhan, China-based Ministry of State Security (MSS) front company that has served as cover for multiple malicious cyber operations. OFAC is also designating Zhao Guangzong and Ni Gaobin, two Chinese nationals affiliated with Wuhan XRZ,for…
“Lifelock” pleads guilty to hacking and fraud charges
Earlier today, Robert A. Purbeck of Idaho, aka “Lifelock” and “Studmaster,” pleaded guilty in an Atlanta federal courtroom to two counts of an 11-count indictment filed against him in 2021. The two counts charged violation of Title 18, United States Code/ Sections 1030(a)(2)(C)/ 1030(c)(2)(B)(i) and 1030(c)(2)(B)(iii) and Section 2, more commonly known as the Computer…
The 2024 Breach Barometer reports a staggering 171 million patient records breached. And that’s just the ones we know about.
Each year, many news sites add up the number of reports on HHS’s public breach tool and then add up the number of records reported for those incidents. For 2023, that came to 725 reports and about 135 million records. Those numbers are disturbing, but not as disturbing as the numbers out today by Protenus….
Florida Legislature Passes Data Breach Immunity Legislation
Josh Hansen and Alfred Saikali of Shook, Hardy & Bacon write: The Florida legislature passed a bill that provides immunity to companies that suffer a data breach. The immunity is conditioned on the company: (1) complying with the notice requirements of Florida’s data breach notification law, and (2) maintaining a cybersecurity program that tracks certain…
Banning Ransom Payments: Calls Grow to ‘Figure Out’ Approach
Mathew J. Schwartz reports: How might banning ransomware victims from paying a ransom to their attacker work in practice? As ransomware groups are causing massive damage and disruption and showing no signs of stopping, Ciaran Martin, the former head of Britain’s National Cyber Security Center, said “it’s time to figure out how to make a ransomware payments…