Cyber Risk News

We bring to your attention a sampling of recent media stories involving cyber risk & privacy liability. Among the stories we’re highlighting this month: Hackers Targeting COVID-19 Vaccine Supply Chain, Top 8 Ransomware Attacks of 2020 That Shook The Internet, AspenPointe Breach Compromises Personal and Healthcare Data of 295,617 Patients, and more.

Ransomware Corner

Hackers Exploit Chopper Maker Kopter’s Data on Dark Web, Leaking Internal Projects and Docs LockBit hackers allegedly breached Kopter’s database.

The cyber attackers leaked the company’s important files on the Dark Web after they infiltrated its internal network and encrypted the company’s files. Click to read entire article

Top 8 Ransomware Attacks of 2020 That Shook The Internet

Cognizant, Magellan, CPI, CSF, Baltimore Schools, Carnival, Canon. Click to read entire article

Cryptocurrency (DDoS BI)

Crypto exchange Poloniex faces outage due to DDoS attack

Global crypto exchange Poloniex experienced an outage earlier today, and the exchange noted that their services were unavailable due to an ‘unexpected issue’, the issue was later identified to have been caused due to a Distributed Denial-of-Service (DDoS) attack. Click to read entire article

Community Banking

River City Bank warns customers of data breach

River City Bank is warning some of its clients that it suspects a data breach of private customer information. Click to read entire article

Healthcare

(Settlement Alert!) Kalispell Regional agrees to $4.2M fund for security breach

Kalispell Regional Healthcare has agreed to establish a $4.2 million settlement fund to provide relief for individuals who allege they were impacted by a data breach of the hospital’s internal systems that was announced in October 2019. Click to read entire article

Allegheny Health Network’s donor and fundraising records hacked

Allegheny Health Network disclosed Friday that its fundraising records and donor database had been hacked as part of a ransomware attack at its technology vendor, Blackbaud. Click to read entire article

Imperium Health Patient Sensitive Data Leaked In Phishing Incident

Imperium Health Management, LLC has published a notice highlighting a recent incident that may have exposed patients’ sensitive data treated by the medical practitioners whom Imperium services. Click to read entire article

AspenPointe breach compromises personal and healthcare data of 295,617 patients

Nonprofit U.S. healthcare provider AspenPointe has said it suffered a major data breach in September that resulted in the loss of the personal and medical information of 295,617 patients. Click to read entire article

LSU Medical Center email breach potentially exposes data on thousands of patients Click to read entire article

Retail

Panera Hit With Ill. Biometric Privacy Lawsuit – Law360

Panera LLC broke Illinois’ landmark biometric privacy law when it required employees to scan their fingerprints. Click to read entire article

Connecticut Leads $17.5M Settlement Over Home Depot Data Breach

Attorney General William Tong today announced that Connecticut, along with the attorneys general of 45 other states and the District of Columbia, has obtained a $17.5 million settlement against Georgia-based retailer The Home Depot, resolving a multistate investigation into the 2014 data breach which exposed the payment card information of approximately 40 million Home Depot customers nationwide. Click to read entire article

Public Entity

County auditor employee sends $600,000 in taxpayer funds to scammers

An employee in the Lucas County Auditor’s Office fell victim to an email scam, sending more than $600,000 in public funds to what the employee thought was a construction contractor. Click to read entire article

Pharmaceutical

Hackers Targeting COVID-19 Vaccine Supply Chain Via Phishing Campaigns

DHS CISA highlighted a new IBM X-Force report showing cybercriminals are targeting the COVID-19 vaccine supply chain with phishing and spear-phishing attacks. Click to read entire article

Breach Regulatory Updates

First Classwide Settlement Involving CCPA Statutory Damages Provides Little Guidance Moving Forward

Three of the first consumer class actions alleging CCPA violations for a failure to implement and maintain reasonable security procedures and practices were filed in February and March of last year against Hanna Andersson and Salesforce.com. Click to read entire article

Canada

Metro Vancouver’s transit system hit by ransomware attack Click to read entire article

(Class Action Lawsuit Alert!) Dell Hit With Class-Action Lawsuit After Data Breach Led To Scam Calls

PC maker Dell has been hit with a proposed class-action lawsuit after exposing the personal information of thousands of Canadians in a 2017 data breach. Click to read entire article

EU/ UK

Royal Dutch Cycling Union refuses to pay ransom following data breach Click to read entire article

Africa

Bank Employee Sells Personal Data of 200,000 Clients

South Africa–based financial services group Absa has stated that one of its employees sold the personal information of 200,000 clients to third parties. Click to read entire article

Middle East

Shirbit hackers release more data as company refuses to pay ransom Click to read entire article

Asia Pacific

Lessons from BigBasket security breach Click to read entire article

New Zealand’s Refreshed Privacy Act Takes Effect

Includes new breach notification requirements, fines and greater regulatory powers.

Click to read entire article


Cyber Risk News Alert Vol 227 - December 16,2020

Download 2020 Cyber Claims Study

The annual NetDiligence® Cyber Claims Study uses actual cyber insurance reported claims to illuminate the real costs of incidents from an insurer’s perspective.

Download

Cyber War and Terrorism

2021

Register Today!

© 2021 NetDiligence All Rights Reserved.