Photo of Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

The most recent in a long list of IT security firms that have been hit with ransomware in the past year, Miami-based Kaseya Ltd disclosed late last week that it was hit with a ransomware attack that may affect hundreds, even thousands, of U.S.-based companies.

Kaseya has publicly stated that it is investigating the attack

I love seeing another win for law enforcement in the cyber context.

Servers and web domains owned by DoubleVPN, a virtual private network, were seized recently following a collaborative law enforcement effort involving the Dutch National Police, the FBI, Europol, and the U.K.’s National Crime Agency.

DoubleVPN is a security tool that has been used

Another fall-out from the SolarWinds incident has surfaced prompting Microsoft to issue a notice to affected customers that an attacker gained access to one of its customer service agents to launch hacking attacks against some of its customers.

During its continued analysis of the SolarWinds incident, Microsoft recently identified that the Nation-State associated NOBELLIUM group

University Medical Center in Las Vegas announced that it recently became the victim of a ransomware attack by REvil, a well-known threat actor that has attacked many hospitals and health systems with the Sodinokibi malware variant.

It is being reported that during the attack, REvil was able to exfiltrate personal information that it then published

Although a security researcher has confirmed that LinkedIn users’ data, including full names, gender, email addresses, telephone numbers, and industry information is for sale on RaidForums by a hacker self-dubbed “GOD User TomLiner,” LinkedIn has stated that it is not from a data breach of its networks. According to LinkedIn, “[O]ur initial analysis indicates that

Reproductive Biology Associates, LLC (RBA) and its affiliate, MyEggBank, notified approximately 38,000 patients that a data breach involving a ransomware attack had exposed the patients’ full names, addresses, Social Security numbers, laboratory results, and information relating to the handling of human tissue. 

RBA stated in the notification that the intrusion by the ransomware group occurred

Maximus, a contractor of the State of Ohio’s Medicaid program reported this week that it experienced a data breach that exposed Medicaid health providers’ names, dates of birth, Social Security numbers, addresses, and other information when it experienced a cybersecurity incident on May 15, 2021.

The incident involved unauthorized access to Maximus’s application that housed