Catalin Cimpanu reports: A 30-year-old Moldovan man pleaded guilty on Friday for creating FastPOS, a strain of malware designed to infect computers processing payment card data from Point-of-Sale (POS) systems. Valerian Chiochiu, known in the hacking world as “Onassis” (after the Greek shipping magnate who married Jacqueline Kennedy), was part of the Infraud criminal organization….
Morgan Stanley Hit with Class Lawsuit Over Alleged Data Breaches
Jed Horowitz reports: Former and current Morgan Stanley customers have filed a putative class-action lawsuit alleging negligence and invasion of privacy over the firm’s failure to properly scrub decommissioned hardware of personal information such as social security numbers, account numbers and other personal data. Morgan Stanley earlier this month began notifying brokers and customers that some…
GandCrab ransomware operator arrested in Belarus
Ionut Ilascu reports: An affiliate of the GandCrab ransomware-as-a-business (RaaS) has been arrested, according to an official release. Authorities were able to identify the individual in cooperation with law enforcement in Romania and the U.K. The cybercriminal’s identity has not been published but Office “K” of the Ministry of Internal Affairs in Belarus says that he…
Why a Data Breach at a Genealogy Site Has Privacy Experts Worried
Heather Murphy reports that a data security incident involving GEDmatch has people worried. GEDmatch already had privacy advocates worried because of the data it has shared with law enforcement. Now there was a new reason for concern….. The peculiar matches began early on a Sunday morning. Across the world, genealogists found that they had numerous…
Article: Optimizing Breach Notification
A new article is available for download on SSRN: Verstraete, Mark and Zarsky, Tal, Optimizing Breach Notification (July 14, 2020). University of Illinois Law Review, Vol. 2021, Available at SSRN: https://ssrn.com/abstract=3650724 Abstract Maintaining data security is a crucial social objective in the digital age. An emerging strategy to ensure adequate security is through breach notification laws,…
Some Cub Pharmacies in Minnesota report breaches due to looters
Cub Pharmacies is the fourth chain I’ve seen that is reporting some theft of protected health information related to looters during protests in May. But when you read the descriptions of these events — these not just protesters protesting. These people intentionally stole patient data and records. For what political protest purpose? None that I…