Joseph Lazarrotti of JacksonLewis writes: On May 20, 2022, the Federal Trade Commission’s Team CTO and the Division of Privacy and Identity Protection published a blog post entitled, “Security Beyond Prevention: The Importance of Effective Breach Disclosures.” In the post, the FTC takes the position that in some cases there may be a de facto data breach…
Category: U.S.
K-12 school districts in New Mexico, Ohio crippled by cyberattacks
Jonathan Grieg reports: Cyberattacks on K-12 schools across the U.S. continued this week with both the Fort Sumner Municipal Schools in New Mexico and Washington Local Schools in Ohio suffering from incidents. The Cl0p ransomware group’s leak site this week displayed sensitive information from students, faculty members and parents from Fort Sumner Municipal Schools. The…
DOJ’s New CFAA Policy is a Good Start But Does Not Go Far Enough to Protect Security Researchers
Andrew Crocker of EFF responds to the announcement this week by DOJ about its revised policy for enforcement of the Computer Fraud and Abuse Act: The Computer Fraud and Abuse Act (CFAA), the notoriously vague anti-hacking law, is long overdue for major reform. Among many problems, the CFAA has been used to target security researchers whose work…
Trust Stamp, a facial recognition company with a $7.2 million ICE contract, had dozens of peoples’ data exposed in breach
Caroline Haskins reports: Trust Stamp, a government contractor that develops facial recognition and surveillance tools for agencies like Immigration and Customs Enforcement, left the personal information of several dozen people unsecured on a breached database, Insider has learned. This information included names, birthdays, home addresses, and driver’s license data. An anonymous tipster who said they…
Fraudster who hacked SUNY Plattsburgh accounts gets 9 ¼ year prison sentence
Robert Gavin reports: A federal judge sentenced Michael P. Fish to 9 ¼ years in prison Friday, saying he depravedly hacked into the accounts of dozens of unsuspecting female students at SUNY Plattsburgh, stole their private photos and sold the images on the internet. With his family watching on a courtroom bench, the 26-year-old Fish sat in…
Battelle for Kids ransomware attack compromised records of 560,000 Chicago Public School students, employee
Nader Issa and Lauren FitzPatrick report: A massive data breach has exposed four years’ worth of records of almost 500,000 Chicago Public Schools students and nearly 60,000 employees, district officials told principals Friday. The attack targeted a company that has a no-bid contract with the district for teacher evaluations and involved basic student and staff…