Photo of Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

The FBI issued a Private Industry Notification targeted to the health care sector on September 12, 2022, warning that it has “identified an increasing number of vulnerabilities posed by unpatched medical devices that run on outdated software and devices that lack adequate security features.”

The potential threats identified include outdated software that is unable to

Provider groups and privacy advocates have joined together to put pressure on Congress to pass two bipartisan bills designed to bolster children and teens’ privacy.

The Kids Online Safety Act (S. 3663) and the Children and Teens’ Online Privacy Protection Act (S. 1628) were both passed out of the Senate subcommittee with bipartisan support. That’s

Password manager LastPass, reportedly used by more than 33 million users, recently announced that it was hacked, and although it reports that no passwords of users were compromised in the incident, unfortunately, its source code was stolen.

 According to LastPass

“We have determined that an unauthorized party gained access to portions of the LastPass development

In its Mid-Year Cyberthreat Report published on August 24, 2022, cybersecurity firm Acronis reports that ransomware continues to plague businesses and governmental agencies, primarily through phishing campaigns.

According to the report over 600 malicious email campaigns were launched in the first half of 2022, with the goal of stealing credentials to launch ransomware attacks. Other

Government offices and public services in Fremont County, Colorado, have been disrupted since August 17, 2022, due to a “cybersecurity event affecting our county computer systems.”

As of the official update issued August 24, 2022, “all of the county’s buildings remain closed. This includes administration and public health buildings.”

The update reveals how difficult it

On August 23, 2022, the Office for Civil Rights (OCR) issued a press release announcing that it had settled with New England Dermatology, P.C. (NED) for $300,640 “over the improper disposal of protected health information.”

The OCR’s investigation began after NED submitted a breach report stating that

“empty specimen containers with protected health information on

This week, in addition to the news-catching, ongoing dispute between Twitter and Elon Musk, Twitter’s former head of cybersecurity, Peiter Zatko, claimed in a whistleblower filing with several federal agencies that Twitter has “extreme egregious security deficiencies,”  which are being described as “dangerous data privacy and security risks for Twitter users.”

Following Zatko’s claims

On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an Alert outlining multiple Common Vulnerabilities and Exposures (CVEs) that threat actors are actively exploiting against Zimbra Collaboration Suite, which is “an enterprise cloud-hosted collaboration software and email platform.”

According to the Alert:

“Cyber

The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the indicators of compromise and techniques to combat them.

According to the Advisory, “From 2019 through at least June 2022, actors have used this malware to target