Today’s reminder that malware on point-of-sale systems is still a thing. Danielle Cotterman reports: If you used a credit or debit card at Hilton Garden Inn Cleveland Downtown, you may want to double-check your bank statements. The hotel, located at 1100 Carnegie Avenue, is notifying customers that payment information may have been stolen from cards used…
200,000 Colorado Springs Utilities notified after unauthorized data access of subcontractor’s system
Ashley Eberhardt reports: Colorado Springs Utilities said in an email to customers that sensitive data stored by a subcontractor had been accessed by an “unauthorized party” in June. In the email sent out on Wednesday, Springs Utilities said they learned of the breach on July 6, and that the breach occurred on June 15, 2022….
Federal Court Dismisses Colonial Pipeline Cybersecurity Litigation
Kristin L. Bryan of Squire Patton Boggs writes: Recently a federal court dismissed cybersecurity litigation brought in the wake of the May 2021 Colonial Pipeline Ransomware attack. Ramon Dickerson et al. v. Colonial Pipeline Co. et al., No. 1:21-CV-02098 (N.D. Ga. Jun. 17, 2022). Based on the attenuated theories of liability Plaintiffs sought to advance in this…
FREE RESOURCE: K12 SIX Releases Essential Cyber Incident Response Runbook
HERNDON, Va., July 13, 2022–(BUSINESS WIRE)–The K12 Security Information Exchange (K12 SIX) is pleased to release the second product in its series of free cybersecurity aids for U.S. school districts, charter schools, and private school institutions: an incident response template and runbook to assist in preparation for a cyber-attack. Aligned to the NIST Incident Response Lifecycle—and developed with…
Russian Ministry for Digital Development proposes turnover fines for data breaches
RAPSI News reports: The Ministry for Digital Development, Communications and Mass Media of the Russian Federation is preparing a bill on turnover-based fines for the personal data breach. This additional responsibility is to put business up to invest in the development of the information safety infrastructure and the personal data protection, a statement released on…
Why organizations should (and should not) worry about KillNet
Intel471 has an interesting blog post on KillNet, a group that has declared itself pro-Russian and has been attacking detractors or enemies of Russia. Since first emerging earlier this year, the group has grown into several divisions that have conducted their own attacks. The group continues to be very active recruiters; KillNet has posted messages…