Alex Berengaut of Covington & Burling analyzes some of the legal issues raised by the indictment of Marcus Hutchins (@malwaretechblog) for allegedly creating and conspiring to sell malware known as the Kronos banking trojan. He writes, in part: Since Hutchins’ indictment, commentators have questioned whether the creation and selling of malware—without actually using the malware—violates…
Category: U.S.
IT staffers may have compromised sensitive data to foreign intelligence
Paul Sperry reports: Federal authorities are investigating whether sensitive data was stolen from congressional offices by several Pakistani-American tech staffers and sold to Pakistani or Russian intelligence, knowledgeable sources say. What started out 16 months ago as a scandal involving the alleged theft of computer equipment from Congress has turned into a national-security investigation involving…
Pacific Alliance Medical Center notifies 266,123 patients of ransomware incident
From their web site, the following breach notification. According to their report to HHS, 266,123 patients were notified. Notice of Data Breach At Pacific Alliance Medical Center (PAMC), we understand that the confidentiality and security of medical and personal information is critically important, and we are committed to protecting it. The purpose of this post…
Another rough week for HBO as hackers and mistakes result in more leaks
Ugh. Because I’ve been mostly offline, I missed a narrow window during which the HBO hackers’ newest data leak – which they call “wave 4” – was available online yesterday to selected journalists. By the time I got the hackers’ notification, the data dump had been removed. The email notification with the link to the…
OSHA Suspends ITA Due to Security Breach
Tressi L. Cordaro of Jackson Lewis writes: On Monday we blogged about the availability of the new OSHA Injury Tracking Application (“ITA”) that serves as the web portal for the submission of injury and illness information (300 Logs, 301 Forms and 300A Forms) under OSHA’s “Improve Tracking of Workplace Injuries and Illnesses” rule (aka Electronic Recordkeeping…
MN: Error exposes private info on thousands of South Wash. Co. students
Solvejg Wastvedt reports: Leaders of the South Washington County Schools apologized Thursday for a massive, accidental release of private student information sent out in an email attachment Wednesday from the district’s transportation department. The attachment contains names, grades, identification numbers, email addresses, mailing addresses, phone numbers, bus routes, pick up and drop off times, pick…