We bring to your attention a sampling of recent media stories involving cyber risk & privacy liability. This month we’re highlighting massive data breaches, class action lawsuits and settlements, ransomware attacks, theft of IP/trade secrets, theft of payroll money, and more! Don’t miss the items below in ORANGE.

Arizona Beverages, one of the largest beverage suppliers in the U.S., is recovering after a massive ransomware attack last month, TechCrunch has learned. The company is still rebuilding its network almost two weeks after the attack hit, wiping hundreds of Windows computers and servers and effectively shutting down sales operations for days until incident response was called in, according to a person familiar with the matter. More than 200 servers and networked computers displayed the same message: “Your network was hacked and encrypted.” The company’s name was in the ransom note, indicating a targeted attack. Click to read entire article.

UCLA Health reached a proposed settlement for a class action lawsuit stemming from a massive data breach in May 2015 that impacted 4.5 million patients. Click to read entire article.

A class-action lawsuit has been filed against UConn Health, over its reported phishing attack that potentially breached the data of 326,000 patients. Click to read entire article.

This breach has exposed the personal information of 270,000 patients, with some social security numbers being disclosed. Click to read entire article.

Mary Free Bed Rehabilitation Hospital of Grand Rapids City, Michigan, has announced that more than 4,700 patients have had few of its Protected Health Information (PHI) exposed due to the ransomware attack on Wolverine Solutions Group (WSG), their billing services provider based in Detroit. Click to read entire article.

A security breach at Greenville, S.C.-based St. Francis Physician Services’ former medical center may have compromised data from more than 32,000 patients, HIPAA Journal reports. Affected patient records from Greenville-based Milestone Family Medicine, a medical center previously affiliated with SFPS, include information such as names, addresses, health insurance information, Social Security numbers and dates of birth. Click to read entire article.

The emails of nearly 1 billion people were leaked in what experts say is likely the biggest data breach of all time, according to reports. At least 982 million users’ personal information was exposed during the tech firm Verifications.io’s massive privacy breach late last month, according to Unilad.co.uk. Click to read entire article.

The owner of Planet Hollywood and Buca di Beppo restaurants is warning customers about a data breach that lasted 10 months. Earl Enterprises, the owner of Planet Hollywood and several other chains, says it has now resolved the issue after identifying malware installed on point-of-sale systems used at its restaurants. Click to read entire article.

Dutch ASML said on Thursday it had been the victim of corporate espionage in 2015 involving employees from countries including China but said it had not been the target of any “national conspiracy”. ASML said the perpetrators took “large files” on memory sticks from its Silicon Valley software subsidiary that develops software for machine optimization. Click to read entire article.

Nearly half a million dollars was diverted out of the city of Tallahassee’s employee payroll this week after a suspected foreign cyberattack of the city’s human resources management application. Click to read entire article.

The Oregon Department of Human Services (DHS) announced that roughly 2 million emails with Protected Health Information (PHI) from more than 350,000 customers have been potentially exposed after 9 employee mailboxes were compromised in a spear phishing attack. Click to read entire article.

Computer hackers have gained access to thousands of Minnesotans’ data stored in state computers during the past year, including 35,000 people who deal with the Department of Human Services. Click to read entire article.

Over the past six months, Toyota Motor Corporation has been the victim of a series of data breaches in Australia, Thailand, Vietnam and Japan. The latest data breach in Japan is the most serious in nature, impacting the personal information of as many as 3.1 million customers. Click to read entire article.

The school disclosed the breach, its second in less than a year, on Tuesday, saying it feared the exposed information included names, addresses, social security numbers and birth dates. Tech spokesman John Toon said officials at the school, which typically has around 30,000 students enrolled, learned in “late March” that a central database had been accessed by an unknown outside entity. Click to read entire article.

Washington State University has agreed to pay up to $4.7 million to settle a lawsuit that came after a hard drive containing the personal information of more than a million people was stolen from a self-storage locker in 2017. Click to read entire article.

Officials with Franklin Parish Sheriff’s office and the FBI are investigating a security breach of Winnsboro’s utility billing system Jan. 15, said Winnsboro Mayor Sonny Dumas. Several $1,000 were electronically transferred out of the utility billing account over a five-day period. Click to read entire article.

HACKERS have hijacked Asus laptop software and potentially installed malware on over a million computers. Click to read entire article.

The Police Federation of England and Wales (PFEW) has confirmed that it has suffered a ransomware attack, but has said that it was not specifically targetted and was likely to have been impacted as part of a wider campaign. Click to read entire article.

A law firm in the UK has launched a $6.5 million lawsuit against Ticketmaster over the massive data breach that took place in the summer of 2018, according to multiple media outlets. Click to read entire article.

Symantec researchers have discovered a new cyber espionage group dubbed Whitefly, which the vendor believes is responsible for a string of cyber attacks targeting Singapore-based organisations, including the highly publicised SingHealth data breach. Click to read entire article.

The marauders used online grappling hooks to breach the system and take the charity’s computer system hostage then demanded payment – but the Society refused to bow to the infiltrators after immediately locking down its system. Click to read entire article.