We bring to your attention a sampling of recent media stories involving cyber risk and privacy liability. These exposures include business interruption, legal liability (such as class action lawsuits), as well as crisis costs to investigate the breach, notify the victims and defend/settle lawsuits, including AG regulatory enforcement actions and fines. Also, don’t miss the items below in ORANGE.
On Nov. 26, an “unauthorized third party” gained access to names, dates of birth and lab results, but not insurance or financial information, the company said. Click to read entire article.
Recent data security incidents include a PHI data breach from a computer hack, a missing CD containing patient information, and a missing laptop. Click to read entire article.
If you used the credit card to pay for items at Madison Square Garden you might want to check your account balance because the company has just acknowledged a breach that existed between November 9, 2015 and October 24, 2016. Click to read entire article.
As many attorneys know, attorneys have been the frequent target of scams, such as those promising a big fee to assist in transferring funds to or from overseas or to assist in a collection case. Click to read entire article.
MSU will spend an estimated $2.9 million on identity theft protection in the wake of the data breach that exposed university records of about 400,000 people. Click to read entire article.
A total of 270,000 webforms residing on one particular web server were breached during the attack. Close to 5,000 forms contain student medical information, indicating their health and whether or not they suffer from specific ailments. Moreover, it also provides insights into diseases such as dyslexia, allergies, or other conditions relevant to their behavior. Click to read entire article.
The Russian Central Bank recently reported about a breach that occurred earlier this year. According to Forbes, hackers have attempted to steal a total of $45 million from a multitude of accounts using spoofed credentials for one of the Bank’s customers. Click to read entire article.
BBC broke the news that thousands of TalkTalk and Post Office customers had their internet access cut by an attack on certain routers. Click to read entire article.
Man-in-the-middle attackers could exploit an AirDroid flaw to execute malicious code on devices. Click to read entire article.
The Navy is pressing private contractor Hewlett Packard Enterprise to pay for credit monitoring services for sailors affected by a data breach that exposed more than 130,000 social security numbers, a defense official familiar with the ongoing investigation said. Click to read entire article.
While BLU is only a minor player in the smartphone industry with “only” 30 million devices shipped since being established in 2009, the Miami-based company could soon be facing major troubles. Earlier this month, the Californian consumer electronics manufacturer admitted to a significant security breach which affected approximately 120,000 of its active devices. Click to read entire article.
A Yahoo user alleges she was the victim of identity theft after a 2014 data breach. Click to read entire article.
Adobe was ordered to pay $1 million on Monday to settle a lawsuit over a 2013 data breach that impacted about 38 million people, according to KrebsonSecurity. Click to read entire article.
Data of more than 412 million users was compromised in the latest breach, LeakedSource reported. Passwords taken in the breach were either in plain text or SHA1 hashed, and neither method could be considered secure. Click to read entire article.
Backups meant SFMTA didn’t have to pay 100-Bitcoin ransom demanded by the attacker. Click to read entire article.
The person claiming responsibility for the attack on San Francisco’s MUNI says the SFMTA has lax security, and warns that if the ransom isn’t paid, they’ll release 30GB of compromised data. Click to read entire article.
Fargo woman received a letter from public housing saying she was at risk of identity theft. It was a result of a US Department of Housing and Urban Development data breach and now she’s worried for her safety. Click to read entire article.
Chicago Public Schools has notified the families of about 30,000 students that a district employee improperly distributed confidential student information to a charter school operator for use in a mail advertising campaign. Click to read entire article.
In an effort to help provide some insight into how organizations around the world perceive security, Kaspersky Lab conducted a global study with B2B International of more than 4,000 business representatives from 25 countries. Click to read entire article.
Lawyers have formally filed documents to have a class action lawsuit certified in the Casino Rama Resort data breach. Click to read entire article.
Impending changes to Canada’s Personal Information Protection and Electronic Documents (PIPEDA) could “effectively cause more class-action” lawsuits down the road because companies will be required to report information security breaches that pose “a real risk of significant harm,” a lawyer recently warned insurance professionals. Click to read entire article.
Carleton University is warning students and employees after an external group apparently attempted to hack the school’s IT network. Click to read entire article.
Saskatchewan’s justice ministry is investigating a privacy breach in which an employee at a private SGI licence issuer in Vonda accessed information on thousands of people. Click to read entire article.
Nearly a million Deutsche Telekom customers in Germany were affected by a mass internet outage as hackers attempted to hijack home web routers as part of a wider attack. The firm said as many as 900,000 users, or about 4.5 percent of its 20 million fixed-line customers, suffered internet outages starting on Sunday and continuing into Monday. Click to read entire article.
Thousands of National Lottery players have been exposed to a data breach allowing malefactors to potentially ransack customers’ transaction history, date of birth, bank sort code, and the last four digits of their bank account number, its operator Camelot confirmed on Wednesday morning. Click to read entire article.
Washington: State-sponsored hackers who unleashed a digital bomb in key parts of Saudi Arabia’s computer networks over the last two weeks damaged systems at the country’s central bank, according to two people briefed on an ongoing investigation of the breach. Click to read entire article.
Mark Greisiger
NetDiligence®
Cyber Risk Assessment & Data Breach Services