It’s hard to believe another year has gone by, and it’s hard to think in terms of “Merry” when so many people have lost loved ones or are suffering this year, but here’s hoping you find some joy and happiness in this season — even if it’s just for a while. PogoWasRight.org and DataBreaches.net are…
Duneland School Corporation notifying employees and dependents of data breach
“Duneland School Corporation” sounds like it should be an education-related business but it’s actually a school district in Indiana. On October 27, they discovered that they had experienced a security incident that sounds like a ransomware attack. In a statement on their website, they note: Through our investigation, we determined that an unauthorized person obtained…
Update: Albanian Prime Minister Says Data Leak Was Internal Infiltration
There’s an update to the data security incident impacting Albanian residents. As reported previously, information on the salaries and personal information of 637,138 residents working in the private and public sectors had leaked, and the source of the leak was unclear. Alice Taylor reports that it appears to be an insider incident: On Wednesday and…
Washington State Data Breaches in 2021 – Analysis
The Washington State Attorney General report on data breaches reported to their office in 2021 shows a significant increase over previous years. No surprise there, right? From the Executive Summary: 2021 set a new record for the highest number of data breach notices sent to Washingtonians (6.3 million). This represents approximately an 80% increase on…
2021 Year in Review: Data Breach and Cybersecurity Litigations
Kristin Bryan, Rafael Langer-Osuna, Jesse Taylor, and Katie Sharpless of Squire Patton Boggs write: 2021 was another year of high activity in the realm of data event and cybersecurity litigations with several noteworthy developments. CPW has been tracking these cases throughout the year. Read on for key trends and what to expect going into the…
Phishing victim can’t claim $5 million loss for money it never ‘held’
File this one under how-well-do-you-really-understand-your-cyberinsurance-policy. Barbara Grzincic reports: A commercial-crime insurance policy didn’t cover RealPage for a $5 million phishing loss because the property-management service provider never “held” any of the purloined money, a federal appeals court held. The 5th U.S. Circuit Court of Appeals affirmed a win for AIG’s National Union Fire Insurance Company…