Lucas Ropek reports: General Motors suffered a hack that exposed a significant amount of sensitive personal information on car owners—names, addresses, phone numbers, locations, car mileage, and maintenance history. The Detroit-based automaker revealed details of the incident in a breach disclosure filed with the California Attorney General’s Office on May 16. Read more at Gizmodo.
Category: U.S.
Bayonne Police Sergeant Charged With Unauthorized Use of Law Enforcement Database
Statement by the Hudson County Prosecutor’s Office: Hudson County Prosecutor Esther Suarez has released the following information: On Tuesday, May 24, 2022, a Bayonne Police Sergeant was arrested on a computer crime charge involving the unauthorized use of a law enforcement database. Richard Killmer, 33, is charged with one count of Computer Theft in violation…
FTC Blog: “The FTC Act Creates a De Facto Breach Disclosure Requirement”
Joseph Lazarrotti of JacksonLewis writes: On May 20, 2022, the Federal Trade Commission’s Team CTO and the Division of Privacy and Identity Protection published a blog post entitled, “Security Beyond Prevention: The Importance of Effective Breach Disclosures.” In the post, the FTC takes the position that in some cases there may be a de facto data breach…
K-12 school districts in New Mexico, Ohio crippled by cyberattacks
Jonathan Grieg reports: Cyberattacks on K-12 schools across the U.S. continued this week with both the Fort Sumner Municipal Schools in New Mexico and Washington Local Schools in Ohio suffering from incidents. The Cl0p ransomware group’s leak site this week displayed sensitive information from students, faculty members and parents from Fort Sumner Municipal Schools. The…
DOJ’s New CFAA Policy is a Good Start But Does Not Go Far Enough to Protect Security Researchers
Andrew Crocker of EFF responds to the announcement this week by DOJ about its revised policy for enforcement of the Computer Fraud and Abuse Act: The Computer Fraud and Abuse Act (CFAA), the notoriously vague anti-hacking law, is long overdue for major reform. Among many problems, the CFAA has been used to target security researchers whose work…
Trust Stamp, a facial recognition company with a $7.2 million ICE contract, had dozens of peoples’ data exposed in breach
Caroline Haskins reports: Trust Stamp, a government contractor that develops facial recognition and surveillance tools for agencies like Immigration and Customs Enforcement, left the personal information of several dozen people unsecured on a breached database, Insider has learned. This information included names, birthdays, home addresses, and driver’s license data. An anonymous tipster who said they…