Oded Yaron reports: A group of Palestinian hackers uncovered in January resumed their work against Israel in April, an Israeli security firm has announced. ClearSky Cyber Security also revealed the main activist behind the group. This was the second report on the group by ClearSky, which published in January that the group has operated since…
Category: Of Note
Cybersecurity and Data Privacy: Proposed Legislation Would Substantially Expand and Strengthen New York’s Data Breach Notification Statute
Michael Billok, Christopher Stevens, Clifford Tsan of Bond Schoeneck & King PLLC write: A bill currently pending before the New York State Assembly (A10475) would make a number of significant changes to New York’s data breach notification statute (General Business Law Section 899-aa) in the event that it is passed and signed into law. The…
LeakedSource uploads data set with 32,888,300 Twitter credentials
From LeakedSource: Twitter credentials are being traded in the tens of millions on the dark web. LeakedSource has obtained and added a copy of this data to its ever-growing searchable repository of leaked data. This data set was provided to us by a user who goes by the alias “[email protected]”, and has given us permission…
Morgan Stanley Fined Over Inadequate Security Tied to Galen Marsh Data Breach
Matt Robinson reports that Morgan Stanley has been fined $1 million by the U.S. Securities and Exchange Commission to settle allegations that it failed to protect customer data improperly taken by a former financial adviser, Galen Marsh. Marsh pleaded guilty in September, 2015 to making thousands of unauthorized searches on his employer’s system and to copying information on…
ERISA and Cybersecurity
Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…
Extortion E-mail Schemes Tied to Recent High-Profile Data Breaches
A public service announcement from the FBI (Alert Number I-060116-PSA): The Internet Crime Complaint Center (IC3) continues to receive reports from individuals who have received extortion attempts via e-mail related to recent high-profile data thefts. The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details,…