Ashden Fein, Robert Huffman, Moriah Daugherty, and Hensey A. Fenton III of Covington and Burling write: On March 15, 2022, President Biden signed the Consolidated Appropriations Act 2022, a $1.5 trillion omnibus spending package to fund the government through September 2022. The omnibus spending package includes the Cyber Incident Reporting for Critical Infrastructure Act of…
Hidden privacy lessons in the FTC’s CafePress security enforcement
Cobun Zweifel-Keegan writes: In its most recent cybersecurity enforcement decision, the U.S. Federal Trade Commission announced a draft settlement agreement with the current and former operators of the customized merchandise website CafePress.com. Although the unanimous consent order focuses primarily on the company’s lax security practices, which allegedly led to multiple data breaches, there are also a few…
Morgan Stanley Data Security Settlement emails being sent
UPDATE: DO NOT CALL DATABREACHES.NET IF YOU RECEIVED ERRONEOUS MAIL FROM MORGAN STANLEY. THIS SITE IS MERELY REPORTING ON THE NEWS. CONTACT MORGAN STANLEY’S SETTLEMENT SITE FOR ALL INQUIRIES OR PROBLEMS: https://www.morganstanleydatasecuritysettlement.com/ In January, Morgan Stanley agreed to settle a lawsuit stemming from its failure to properly dispose of hardware containing personally identifiable information during…
Facebook fined $18.6M over string of 2018 breaches of EU’s GDPR
Natasha Lomas reports: Facebook’s parent company, Meta, has been fined €17 million (~$18.6 million) by the Irish Data Protection Commission (DPC) over a string of historical data breaches. The security lapses in question, which appear to have affected up to 30 million Facebook users, date back several years — and had been disclosed by Facebook…
Lawmakers Probe Early Release of Top RU Cybercrook
Brian Krebs reports: Aleksei Burkov, a cybercriminal who long operated two of Russia’s most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. The Russian government fought Burkov’s extradition to the U.S. for four years — even arresting and jailing an Israeli woman to force a prisoner swap. That effort failed: Burkov was…
Russian State-Sponsored Cyber Actors Gain Network Access by Exploiting Default Multifactor Authentication Protocols and “PrintNightmare” Vulnerability
There’s a new Joint Cybersecurity Advisory (Product ID: AA22-074A) SUMMARY: The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to warn organizations that Russian state-sponsored cyber actors have gained network access through exploitation of default MFA protocols and a known vulnerability. As early as…