Simon Sharwood reports: Citrix has taken the unusual step of rebutting dark web discourse that alleges its networks have been compromised. A Wednesday post penned by CISO Fermin J. Serna says the company is aware of “threat intelligence report circulated concerning claims made on the dark web by a threat actor alleging compromise of the Citrix network,…
SEC’s OCIE Issues Ransomware Risk Alert
Kate Hanniford of Alston & Bird writes: On July 10, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert noting the increasing sophistication of ransomware attacks on SEC registrants and service providers to SEC registrants. The Risk Alert is notable for its encouragement of financial services market participants more broadly and not just…
Beyond Data Breach: Evaluating Coverage for Misuse of Information Claims
Kyle Medley and Judith Selby of Hinshaw write: Cyber insurance policies typically include coverage for claims arising out of violations of cyber and privacy laws and regulations, but the coverage provided can vary greatly from policy to policy. When considering whether any given claim falls within a policy’s coverage, the following issues should be considered:…
UK: South East Coast Ambulance employee personal and medical details exposed
Charlie Harman reports: The South East Coast Ambulance Service has experienced a massive data breach and has referred itself to a privacy watchdog. In May, the personal and medical details of all ambulance staff could have been seen by employees outside of senior management. Read more on KentOnline
Whose data are these — and are they real? NightLion v. Troia, Round 2
July 28 — Please see the correction notice and update at the bottom of this post. On Sunday, a person or persons calling themself “NightLion” revealed that they had hacked DataViper.io. Data Viper is a service its founder, Vinny Troia, describes as “A Threat Intelligence Platform Designed To Provide Organizations, Investigators, And Law Enforcement With…
Update on Click2Gov incident in Palm Bay
The city of Palm Bay has apparently had enough of Click2Gov concerns and is parting company with their vendor. According to a report on Hometown News, the city has received an update from Central Square about the potential breach it learned about on June 29: Central Square has identified a security vulnerability within their system;…