Bret Cohen, Paul Otto, Nathan Salminen, and Morgan Perna (law clerk) of Hogan Lovells write: ….This installment of the Hogan Lovells’ CCPA series explains the CCPA’s security requirement and consequences for non-compliance, and describes security controls that most organizations can implement to mitigate this risk. Available statutory penalties The CCPA allows consumers to sue businesses…
Pharmaca notifies customers of payment card breach affecting brick-and-mortar stores
Those of us who read breach notifications to state attorneys general (yes, we have no life), likely all spotted a notification in mid-January involving Pharmaca. The notification stated that in December, 2018, Pharmaca started receiving reports of payment card fraud. Their investigation, with help from security experts, revealed that malware may have captured customer payment…
Cybersecurity for small business: Email authentication
Andrew Smith, Director, FTC Bureau of Consumer Protection, writes: As a business person, you know about phishing, of course. At first glance, the email looks like it comes from a recognized company, complete with a familiar logo, slogan, and URL. But it’s really from a cyber crook trying to con consumers out of account numbers,…
Stolen Credit Card Data from City Parking Systems Sold on the Dark Web
Bruno reports: The hackers of the city parking fine system in Saint John, Canada have been selling sensitive data on the dark web for over a year. The security breach in the system was not spotted for 15 months after the initial attack, which ultimately allowed the hackers to gain personal information and credit card…
Update: Hackers release CarePartners employees’ wage statements and other financial files
On February 6, this site broke the news that some data from the CarePartners hack of 2018 was being dumped publicly, presumably as a way to increase pressure on CarePartners to pay the “requested” fee for the hackers not to release any more data. As noted in the February 6 report, there were two data…
AU: Foreign actor could be to blame for cyber-security breach at federal parliament
Greg Brown reports: Labor MP Anthony Byrne has called for top bureaucrats to be hauled before the parliamentary intelligence and security committee amid concern among federal MPs a foreign actor has breached the IT systems of politicians. Mr Byrne, the deputy chair of the parliamentary joint committee on intelligence and security, has demanded an explanation…