Deborah George of Robinon + Cole writes: Two more state governors, those of Maine and North Dakota, have signed bills into law that adopt the National Association of Insurance Commissioners (NAIC) data security model law (Model Law). Maine and North Dakota join several other states that have already passed similar laws. Hawaii, Idaho, Illinois, Iowa,…
Category: U.S.
Data breach of thousands of Chattanooga Library card owners revealed
Karen Aguilar reports: The Chattanooga Library said the private information of around 5,000 library cardholders had been exposed online since October 2020, an IT team they work with catching the mistake last week. “We will go to the mat to protect somebody’s privacy we absolutely will, and so for this to happen is really, really…
Houston Rockets Hit by “Babuk” Ransomware
Bill Toulas reports: The ransomware group known as “Babuk” has added Houston Rockets to its victim list, warning about the imminent leak of 500GB of stolen data if their payment demands aren’t met. The threat actors present screenshots of the exfiltrated files as proof of possession, showing what appears to be contracts, non-disclosure agreements, customer…
Brokerage firm agrees to $3 mln deal for New York cybersecurity rule violations
Sara Merken reports: Brokerage firm National Securities Corp has agreed to pay $3 million in a settlement with New York’s financial services regulator over shortfalls that resulted in four cybersecurity breaches involving unauthorized access to email accounts. Read more on Reuters. NY DFS’s press release: Superintendent of Financial Services Linda A. Lacewell announced today that…
Software developer charged with damaging the computer system of a Cleveland company
Acting U.S. Attorney Bridget M. Brennan announced that a federal grand jury sitting in Cleveland has returned an indictment charging Davis Lu, 51, of Houston, Texas, with one count of damaging protected computers. The Defendant is accused of using his position as a software developer to execute malicious code on his employer’s computer servers. The…
NY: Montefiore Medical Center discloses fourth insider-wrongdoing breach in seven months
Montefiore Medical Center in New York is notifying patients of yet another insider-wrongdoing breach. Read their press release below and then the comments after it. April 13, 2021 /PRNewswire/ — Today, Montefiore Medical Center is notifying some patients about a security breach involving information illegally accessed by a former employee. Categories of personal information accessed varied…