There have been a few developments likely related to the seizure of BreachForums. As a preview, recall that Kantonspolizei Zürich was one of the cooperating entities in the takedown and that the seizure notice had two avatars behind bars. One avatar was Baphomet, the administrator of the forum. The other was a default avatar that…
UK NCSC and Insurance Associations Publish Guidance on the Approach to Ransom Payments
Financial and insurance organizations have been under increasing attack by Scattered Spider. Now there is more guidance for entities. Hunton Andrews Kurth notes: On May 14, 2024, the UK National Cyber Security Centre (“NCSC”) and three major UK insurance associations (Association of British Insurers (“ABI”), British Insurance Brokers’ Association (“BIBA”) and International Underwriting Association (“IUA”)),…
British Library’s candid ransomware comms driven by ’emotional intelligence’
Connor Jones reports: Emotional intelligence was at the heart of the British Library’s widely hailed response to its October ransomware attack, according to CEO Roly Keating. The British Library’s (BL) ransomware attack last year was one of the most damaging in recent memory, at least in the UK. The transparency of the organization’s response over…
Utah Updates to Breach Notification Requirements Take Effect
Dorothy Parson McDermott of JacksonLewis writes: On May 1, 2024, amendments to Utah’s cybersecurity and data breach notification law took effect. The state’s cybersecurity and data breach notification law requires an organization that conducts business in the State of Utah to prevent the unlawful use or disclosure of personal information collected by the organization. Under…
Microsoft to start enforcing Azure multi-factor authentication in July
Sergiu Gatlan reports: Starting in July, Microsoft will begin gradually enforcing multi-factor authentication (MFA) for all users signing into Azure to administer resources. After first completing the rollout for the Azure portal, the MFA enforcement will see a similar rollout for CLI, PowerShell, and Terraform. Redmond says customers will also receive additional information via email…
Cyberattack fallout: Ascension and DocGo troubles ricochet
Andrea Fox reports: DocGo, an ambulatory and remote patient monitoring provider in the U.S. and U.K. filed a notice on May 7 with the U.S. Securities and Exchange Commission over U.S. patient data breached in a recent cyberattack. “As part of its investigation, the company has determined that the threat actor accessed and acquired data,…