Orin Kerr writes: The U.S. Court of Appeals for the 9th Circuit has handed down a very important decision on the Computer Fraud and Abuse Act, Facebook v. Vachani, which I flagged just last week. For those of us worried about broad readings of the Computer Fraud and Abuse Act, the decision is quite troubling. Its reasoning appears…
Category: Of Note
IoT Medical Devices: A Prescription for Disaster
Tom Spring reports: Late last month, TrapX Labs’ security team spotted an uptick in the prevalence of a new more virulent strain of malware targeting hospitals and their IoT equipment. Researchers discovered attackers targeting unpatched medical equipment running Windows XP and Windows 7 with variations of attacks such as the Conficker worm, long thought obsolete. The…
Reps. Lieu and Hurd urge ransomware events to be reported under HITECH
Representatives Ted W. Lieu (D | Los Angeles County) and Will Hurd (R | San Antonio) sent a letter to Deven McGraw, Deputy Director of the Office of Civil Rights of the Department of Health and Human Services (HHS) encouraging the office to focus on developing guidance for health care providers to respond to ransomware attacks under…
FBI chief says Guccifer lied about hacking into Clinton’s email server
Michael Kan reports: A Romanian hacker’s claim that he broke into Hillary Clinton’s private email server in 2013 was a lie, according to the FBI. Marcel Lehel Lazar, also known as Guccifer, has boasted about the breach to various media outlets, saying in May that it had been “easy.” But on Thursday, FBI director James…
‘KYAnonymous,’ who drew attention to Ohio rape case, indicted by federal grand jury
Greg Kocher reports: Deric Lostutter, the Clark County online activist known as “KYAnonymous” who helped draw national attention to an Ohio rape case, was indicted on four felony counts Thursday by a federal grand jury in Lexington. The indictment says Lostutter violated the federal Computer Fraud and Abuse Act when he “knowingly and intentionally joined…
NEW: Monthly stats for health/med breaches
People have often asked me if I compile stats on the reports on my site. I haven’t, but am pleased to announce that I am now collaborating with Protenus to help them provide monthly stats for U.S. breaches involving health/medical data. You can read their first blog post on June incidents here. Here’s a snippet…