The Office of Inadequate Security
From OneBlood: OneBlood, the not-for-profit blood center serving much of the southeastern United States is experiencing a ransomware event that is impacting its software system. OneBlood is working closely with cyber security specialists, and also federal, state and local agencies as part of their comprehensive response to the situation. “OneBlood takes the security of our…
Lyann Danielak, Joshua Hutchinson, and Robin Reinertson of Blake, Cassels & Graydon LLP write: On July 4, 2024, the B.C. Court of Appeal issued a duo of class action appeal decisions considering the potential scope of statutory and common law privacy claims against data custodians that fall victim to cyberattacks in data breach cases. In…
On July 29, the Department of Justice filed its opening brief in its appeal of Conor Fitzpatrick’s (“Pompompurin’s”) sentence. The issue at the appellate level is “whether the district court abused its discretion in sentencing Fitzpatrick to a 17-day time-served sentence for possessing child pornography and creating and operating the largest English-language data breach forum…
From their WatchBlog: Earlier this month, a software update from the cybersecurity firm CrowdStrike caused Microsoft Windows operating systems to crash—resulting in potentially the largest IT outage in history. Disruptions were widespread. Around the world, businesses and services were unable to operate as computers crashed, and some critical infrastructure sectors (like transportation, healthcare, and finance)…
Bill Fitzgerald (@FunnyMonkey) has written a post that I wish all school districts would read, process, and follow up on. The following is just a snippet from his post: We should assume that the KnowBe4 impersonation and the xz incident are not isolated or unique, and that there are other similar attacks underway that are…
Jonathan Greig reports on some of the significant findings in IBM’s new survey on the cost of a breach: Businesses that fall victim to a data breach can expect a financial hit of nearly $5 million on average — a 10% increase compared to last year — according to IBM’s annual report on cybersecurity incidents….