In September, 2020 Fairfax County Public Schools in Virginia was hit with Maze ransomware.The attack was announced on Maze’s dedicated leak site in early September, and after multiple queries by this site, FCPS issued a statement confirming that they had been attacked. One month later, the threat actors started dumping some data on their leak…
In a year of supply-chain attacks, do you have your business associate agreements in place?
I recently came across a breach report that is a useful reminder of the value of ensuring that business associate agreements (BAA) are in place, and that compliance with the agreements is assessed regularly. In this instance Humana, a health plan, reported that on December 22, they were notified by a business associate that an…
European e-ticketing platform Ticketcounter extorted in data breach
Lawrence Abrams reports: A Dutch e-Ticketing platform has suffered a data breach after a user database containing 1.9 million unique email addresses was stolen from an unsecured staging server. Ticketcounter is a Dutch e-Ticketing platform that allows clients, such as zoos, parks, museums, and events, to provide online tickets to their venue. Read more on…
Your personal data may have been compromised, Malaysia Airlines tells its frequent flyer members
Shahrin Aizat Noorshahrizam reports: National carrier Malaysia Airlines informed members of its frequent flyer programme Enrich that there had been a “data security incident” at one of its third-party IT service providers. According to the airlines, the incident happened between a nine-year-period from March 2010 to June 2019. Read more on Malay Mail. The airline’s…
Chinese cyber attack foiled: Power Ministry
The Hindu reports: “State-sponsored” Chinese hacker groups had targeted various Indian power centres, the Union Power Ministry said on Monday, but added that these groups have been thwarted after government cyber agencies warned it about their activities. While the government refused to confirm or deny a New York Times report, based on a U.S. cyber…
Who Has Standing in a Data Breach Litigation? In The Third Circuit, Fear of Speculative Future Harm Still Doesn’t Cut It
Aaron Garavaglia and Kristin Bryan of Squire Patton Boggs write: As the number of data breaches continue to rise, so too will the number of lawsuits filed. As CPW previously reported, the number of data breaches in 2020 was more than double that of 2019. One can only wonder what 2021 will bring. Yet with this increase in…