According to Cyberscoop, the cyber gang Cl0p “has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT company that sells various types of enterprise software.” The gang claimed responsibility for the attacks on its website. The vulnerabilities affect Cleo’s products LexiCom, VLTrader, and Harmony. Cleo reportedly services approximately
Linn Foster Freedman
Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chairs the firm’s Data Privacy and Security and Artificial Intelligence Teams. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law. Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.
Supreme Court to Hear TikTok Case
The United States Supreme Court announced on December 18, 2024, that it will hear the TikTok ban case and has scheduled oral arguments for January 10, 2025, before the ban’s January 19, 2025 effective date.
The case stems from a bipartisan law signed by President Biden that required ByteDance, the Chinese-based parent of the app…
Privacy Tip #425 – Late Shoppers: Beware of Scammers Sending You to Fake Websites
Scammers prey on us at our most vulnerable. Although some of us are early holiday shoppers, others wait until the last minute. Scammers know this and are lurking to find late shoppers scrambling for gifts. Many late shoppers feel a bit desperate, so they are at risk of falling for scams that divert them to…
Rhode Island Becomes First State to Implement PDNS in All School Districts
My home state of Rhode Island may be the smallest in the union, but it has taken on a significant initiative implementing the Protective Domain Name Service (PDNS) in all 64 public school districts. PDNS, an initiative launched by the White House Office of the National Cyber Director, assists K-12 schools with preventing “ransomware and…
OCR Active with Settlements and Enforcement Actions in November and Early December
The Office for Civil Rights of the Department of Health and Human Services (OCR) was busy negotiating and settling enforcement actions in November and early December. Since October 31, 2024, the OCR has settled five separate cases of alleged HIPAA violations. The settlements include resolution agreements and civil monetary penalties.
One of the settlements and…
Privacy Tip #424 – Recent Big Win for Law Enforcement Over Cybercriminals
I often get asked whether law enforcement is making any headway in catching cybercriminals. Although it is a challenging task, a recent example of a big win for law enforcement deserves celebration.
Authorities from 40 countries, territories, and regions came together to assist INTERPOL with a recent global cybercrime initiative known as Operation HAECHI-V. The…
Telecoms Still Trying to Evict Salt Typhoon
According to statements by the Cybersecurity and Infrastructure Security Agency (CISA), the People’s Republic of China-backed (PRC) hacking group Salt Typhoon, which attacked telecommunications providers last month, is still infiltrating the providers and it is “impossible for us to predict a time frame on when we’ll have full eviction.” One reason is that the hackers…
FTC Settles with Companies Over Sale of Sensitive Data
The Federal Trade Commission (FTC) has been on a mission to communicate its seriousness about companies collecting, using, and selling consumers’ sensitive location data and that it is closely watching these practices.
On December 3, 2024, the FTC announced that it entered into a proposed order with Gravy Analytics and its subsidiary Venntel “for unlawfully…
Privacy Tip #423 – FTC Files Complaint Against Mobilewalla for Selling Consumers’ Precise Location Data
Many people do not understand how their geolocation data can be collected and used about them, or how massive the amount of precise location data collected from our devices.
The Federal Trade Commission (FTC) recently filed a complaint against Mobilewalla, Inc., alleging that it violated Section 5 of the FTC Act by selling consumers’…
Enfield, NH Victim of $742K Wire Fraud Scheme
The Town of Enfield, New Hampshire, appears to have been the victim of a man-in-the-middle scheme involving the transfer of $742,000 to a fraudulent bank account. The town is constructing a new $7.2 million public safety building. An employee was tricked into sending the payment to a fraudulent bank account instead of the construction company…