Becky Sullivan reports that the Kronos ransomware incident continues to disrupt payroll for employees around the country: A month-old ransomware attack is still causing administrative chaos for millions of people, including 20,000 public transit workers in the New York City metro area, public service workers in Cleveland, employees of FedEx and Whole Foods, and medical…
Category: Subcontractor
Accellion reaches $8.1 mln settlement to resolve data breach litigation
Sara Merken reports: Accellion Inc has reached an $8.1 million deal with a proposed nationwide class to end litigation over a breach of its legacy file transfer product, a platform that allowed companies to securely share large or sensitive files, according to settlement papers filed in California federal court. The Palo Alto-based tech company faced…
Kronos hackers stole personal info of Metro-North workers, MTA says
David Meyer reports: Ransomware hackers who breached the network of MTA timeclock provider Kronos made off with the personal information of several current and former Metro-North employees, transit leadership said Thursday. “Kronos recently informed us that some files containing personal information of some current and former MTA employees at one of our agencies – Metro-North Railroad –…
COVID testing appointment scheduling service discovers data breach
Jan. 13, 2022 /PRNewswire/ — On or around November 30, 2021, Practolytics LLC (“Practolytics”) learned that it experienced a data security incident. A client-generated report containing COVID testing appointment information, which would normally be deactivated following initial download, remained active. Upon discovery, Practolytics took immediate steps to deactivate and delete the download link to prevent further…
Connecticut company that hosts school websites recovering from ransomware attack
Jesse Leavenworth reports: A Glastonbury-based company that hosts thousands of school websites in Connecticut and across the nation continued to recover Monday from a ransomware attack launched last week. “We still have no evidence that any data has been viewed, compromised or extracted,” Finalsite spokeswoman Morgan Delack said. Finalsite has identified the cyber attacker and…
The Impact of Data Security Incident Trends on Commercial Transactions: Part III – Vendor Agreement Resolutions for 2022
Craig Carpenter and Erika Vela of BakerHostetler write: As the BakerHostetler Digital Risk Advisory and Cybersecurity team wraps up the 2022 edition of annual Data Security Incident Response (DSIR) Report, we take one last look at the findings in the 2021 edition of the report to prepare our New Year’s resolutions of a data privacy and security attorney for…