Daniel J. Moses of JacksonLewis writes: As we recently noted, Washington state amended its data breach notification law on May 7 to expand the definition of “personal information” and shorten the notification deadline (among other changes). Not to be outdone by its sister state to the north, Oregon followed suit shortly thereafter—Senate Bill 684 passed unanimously in both legislative…
Texas Moves Forward With Updates to Breach Notification Law and Institutes Privacy Council to Study Data Privacy Legislation
Will R. Daugherty and Caroline B. Brackeen of BakerHostetler write: Texas is one of the many states that looked to be following in the footsteps of California’s enactment of a broad consumer privacy law (the California Consumer Privacy Act), which has far-ranging implications for businesses and consumers. Two comprehensive data privacy bills, HB 4390 and…
Two hacking groups responsible for huge spike in hacked Magento 2.x stores
Catalin Cimpanu reports: Two hacker groups are responsible for a huge spike in the number of hacked Magento 2.x shopping sites, according to Willem de Groot, founder of Sanguine Security. This is now the third month in a row when the number of hacked Magento 2.x sites has doubled, after it previously doubled from March…
CNIL Fines French Real Estate Service Provider for Data Security and Retention Failures
From Hunton Andrews Kurth: On June 6, 2019, the French Data Protection Authority (the “CNIL”) announced that it levied a fine of €400,000 on SERGIC, a French real estate service provider, for failure to (1) implement appropriate security measures and (2) define data retention periods for the personal data of unsuccessful rental candidates. Read more…
FL: ‘Triple Threat’ Ransomware Attack Cripples Email Systems and Services of Lake City
Cyware reports: The Lake City Police Department is investigating a ransomware attack on their city network systems that resulted in the shutdown of several emergency services. The ransomware used in the attack has been detected as ‘Triple Threat’. What happened? In a breach notification, the Lake City police have revealed that the attack occurred on…
FIN8 hackers return after two years with attacks against hospitality sector
Catalin Cimpanu reports that researchers claim to have spotted evidence of ongoing and increasing FIN8 activity: But in a report published today, cyber-security firm Morphisec said it detected and stopped new FIN8 attacks aimed at companies in the hospitality industry. These new attacks leveraged the same malware the group had used in the past but…