Cindy Cohn of EFF writes: When a company that collected your personal data negligently fails to secure it, you should have accountability and relief—including standing to sue. EFF and our friends at Electronic Privacy Information Center filed an amicus brief in late November pointing this out to the U.S. Court of Appeals for the Fourth Circuit in…
Rackspace’s costs to deal with ransomware attack top $10 million
Eric Killelea reports: Rackspace Technology Inc. spent $10.8 million on expenses related to a ransomware attack in December that blocked thousands of customers from accessing their emails and related data, according to regulatory filings. The San Antonio-based cloud computing company paid for costs to “investigate and remediate, legal and other professional services, and supplemental staff resources that…
Data breach at French govt agency exposes info of 10 million people
Bill Toulas reports: Pôle emploi, France’s governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. “Pôle emploi became aware of the violation of the information system of one of its providers involving a risk of disclosure of personal data of job seekers,” reads the press…
Thousands have SSNs leaked after ransomware attack on Ohio state archive org
Jonathan Greig reports: One of the oldest historical societies in the state of Ohio was hit with a ransomware attack that leaked the sensitive information of thousands, according to a statement the organization released this week. The Ohio History Connection is a statewide history nonprofit chartered in 1885 that manages more than 50 sites and…
What the SEC’s Investigation of SolarWinds Means for CISOs and Cybersecurity Disclosures
Sid Mody, Andrew J. Geist, Shelly Heyduk, Bill Martin, and Anna Xie discuss the implications of recent actions by the SEC. They write, in part: In sending a Wells Notice to SolarWinds’s CISO, the SEC has put CISOs generally on high alert that the agency is focused on how such professionals may be involved in…
Proposed UN Cybercrime Treaty Threatens to be an Expansive Global Surveillance Pact
Katitza Rodriguez of EFF writes: In the heart of New York City, a watershed moment for protecting users against unfettered government surveillance is unfolding at the sixth session of negotiations to formulate the UN Cybercrime Convention. Delegates from Member States have convened at UN Headquarters for talks this week and next that will shape the digital and…