It is being reported that U.S. officials are investigating an attack by hackers “linked to Iran’s Islamic Revolutionary Guard Corps (IRGC), also known as the “Cyber Av3ngers,” that allowed them to gain control of a device at the Municipal Water Authority of Aliquippa, PA. The water authority has stated that once the intrusion was detected

Linn Foster Freedman
Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law. Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.
CISA Issues Mitigation Guide for Healthcare + Public Health Sector
On November 17, 2023, the Cybersecurity & Infrastructure Security Agency (CISA) released a supplemental mitigation guide for the healthcare and public health sector to the Cyber Risk Summary for those sectors published on July 19, 2023.
“This guide provides defensive mitigation strategy recommendations and best practices to combat pervasive cyber threats affecting this critical infrastructure…
FTC and CA AG Settle with DNA Testing Firm for Allegations of Misrepresentation
The Federal Trade Commission (FTC) and the California Attorney General teamed up against California company CRI Genetics, LLC, filing a joint complaint against the company alleging that it engaged in deceptive practices when it “deceived consumers about the accuracy of its test reports compared with those of other DNA testing companies, falsely claimed to have…
Privacy Tip #381 – Research Risks of Smart Toys This Holiday Season
The holidays are upon us, including “cyber week” filled with deals for shopping for the holidays. The U.S. Public Interest Research Group (PIRG) is warning shoppers about smart toys this holiday season. In its article, “Consumer watchdog: ‘Smart toys’ put kids’ privacy at risk,” PIRG outlines the privacy risks associated with smart toys. The…
New York Governor Proposes Cybersecurity Regulations for NY Hospitals
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within the state of New York. The Governor has included $500 million in grant funding in her FY24 budget to assist health care facilities with upgrading their systems to comply with the new requirements.
According to the Governor’s press…
CISA Issues Roadmap for Artificial Intelligence
Following the White House’s Executive Order on AI, the Cybersecurity & Infrastructure Security Agency (CISA) issued its Roadmap for Artificial Intelligence this week “which is a whole-of-agency plan aligned with national AI strategy to address our efforts to: promote the beneficial uses of AI to enhance cybersecurity capabilities, ensure AI systems are protected from cyber-based…
Privacy Tip #380 – Tips + Tools for Protecting Online Privacy
During the last Privacy Law class of the semester, we discuss Privacy and Emerging Technology. My students continue to learn about the collection, use, disclosure, and monetization of consumers’ data, and continue to be amazed at how their data is used without their knowledge. They often ask for tips on how to protect their data…
Boeing Hit with LockBit Ransomware
Boeing has confirmed that its parts and distribution site has been attacked by LockBit ransomware, which is believed to be Russian based. Boeing has said that the attack has not affected flight safety. Boeing is investigating the attack.
LockBit publicly claimed responsibility for the attack and boasted that it had stolen “sensitive data” from Boeing…
HHS Settles with Doctors’ Management Services Over Ransomware Attack
On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health information of 206,695 individuals.
According to the press release, “this marks the first ransomware agreement OCR has reached.” The facts underlying…
The AI Executive Order and the Healthcare Industry
On October 30, 2023, President Biden issued the “Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” (AI EO), which has specific impacts on the healthcare industry. We detailed general aspects of the AI EO in a previous blog post.
Some impacts on the healthcare industry have been outlined…