Updated May 13: It appears that Bluefield U. has not warned students that the university’s system is still compromised and that the threat actor can see and acquire files. Yesterday, a student that DataBreaches will not name submitted a Virginia Tuition Assistance Grant application with his full Social Security number, date of birth, and other…
Category: State/Local
New York AG Releases Guide for Businesses on Effective Data Security
Damon W. Silver of JacksonLewis writes: As noted in a prior post, New York’s Attorney General (“NYAG”) has made enforcement of the New York SHIELD Act an enforcement priority. The SHIELD Act requires organizations handling personal information related to New York residents to maintain reasonable safeguards to protect that information. Maintaining its focus on this area, the NYAG…
Virginia Passes Legislation Prohibiting the Use of Employees’ Social Security Numbers as Identifiers
Jason C. Gavejian and Joseph J. Lazzarotti of JacksonLewis write: On March 21, 2023, Virginia’s governor approved Senate Bill 1040, which prohibits an employer from using an employee’s social security number or any derivative as an employee’s identification number. The bill also prohibits including an employee’s social security number or any number derived from the social…
BREAKING: BreachForums owner “Pompompurin” arrested
Bob Van Voris and William Turton report: Federal agents have arrested a Peekskill, New York, man they say ran the notorious dark web data-breach site “BreachForums” under the name “pompompurin.” Conor Brian Fitzpatrick was arrested by a team of investigators at his home around 4:30 p.m. Wednesday, FBI Special Agent John Longmire said in a…
NY Attorney General James Continues Crackdown on Unregistered Cryptocurrency Platforms
If you’re a cryptocurrency platform doing business in New York but are not registered with the state, Attorney General James will be coming after you. NEW YORK – New York Attorney General Letitia James today continued her efforts to crack down on unregistered cryptocurrency platforms by filing a lawsuit against KuCoin for failing to register…
EPA Requires States to Address the Cybersecurity of Public Water Systems
Ashden Fein, Micaela McMurrough, Caleb Skeath, and Matthew Harden of Covington & Burling write: On March 3, 2023, the United States Environmental Protection Agency (“EPA”) published a memorandum requiring states to evaluate the cybersecurity of operational technology used by public water systems (“PWSs”) “when conducting PWS sanitary surveys or through other state programs.” EPA’s memorandum “interprets the…