Remember last year and earlier this year when we covered a ransomware attack on Fairfax County Public Schools by Maze that impacted more than 170,000 people? Well, there’s no need to hack when it’s leaking due to human error or failure to adhere to federal law protecting students’ education records. Rick Horner reports: Fairfax County…
Search Results for: ransomware
Mobile County Commission notifies employees of data breach; threat actors dump more data
WKRG reports an update to a ransomware attack on Mobile County that was previously reported in June after SuspectFile broke the story of Grief’s attack and claims. As previously addressed in statements published by Mobile-area media, Mobile County recently discovered suspicious activity related to some of its computer systems. We immediately shut down and launched…
Connecticut Enacts Safe Harbor From Punitive Damages In Data Breach Cases
Jason Gavejian and Joseph Lazzarotti of JacksonLewis write: Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant…
CA: Threat actors dump tens of thousands of driver’s license images and several thousand credit reports for customers of Walter’s Automotive Group
Credit reports for a few thousand customers of Audi Ontario and Porsche Ontario dealerships were dumped by ransomware threat actors who claim they locked Walter’s Automotive Group and exfiltrated data, but Walter’s would not respond to them. More than 22,000 driver’s license images were also in the data dump. If you bought an Audi or…
Kelihos botmaster Peter Levashov to be sentenced today (updated)
It’s been a long time coming — too long, some might say — but the Russian hacker involved in the Kelihos botnet will find out his sentence today. Peter Levashov pleaded guilty in September, 2018. Another Russian national, Oleg Koshkin, 41, formerly of Estonia, operated the websites “Crypt4U.com,” “fud.bz” and others. According to court records…
The new minimization technique for breach disclosures?
Remember when “We take your privacy and security very seriously” became de rigueur in breach disclosures? Now there’s other language being frequently added to breach disclosures — language that makes it sound like what the entity is about to tell you is really no huge deal, but if you feel you really need to protect…