Photo of Linn Foster Freedman

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She is a member of the Business Litigation Group and the Financial Services Cyber-Compliance Team, and chair’s the firm’s Data Privacy and Security Team. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations. She counsels a range of public and private clients from industries such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine and charitable organizations, on state and federal data privacy and security investigations, as well as emergency data breach response and mitigation. Linn is an Adjunct Professor of the Practice of Cybersecurity at Brown University and an Adjunct Professor of Law at Roger Williams University School of Law.  Prior to joining the firm, Linn served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

To file in the “no one is immune from a sophisticated attack,” category, well-known and respected security firm FireEye publicly announced this week that it has experienced an attack by a state-sponsored (which means a foreign government) hacking group, which successfully obtained its “red team tools.” This is very concerning, as the red team tools

Brazilian airplane manufacturer Embraer’s data have reportedly been uploaded on a dark web website hosted by ransomware group RansomExx (a.k.a. Defray 777) after Embraer reportedly refused to pay a ransom following a ransomware attack last month.

According to ZDNet, the hackers uploaded company files containing “samples of employee details, business contracts, photos of flight

Although it is logical that cyber-attacks have risen during the pandemic, and there is anecdotal evidence that it is occurring, including our own experience, an interesting new report was recently released by Allianz, which provides cyber-liability insurance products.

According to the report, “While the COVID-19 outbreak cannot be said to be a direct cause of

Ancestry.com (Ancestry) was sued on November 30, 2020, in a putative class action case filed in the Northern District of California for “knowingly misappropriating the photographs, likenesses, names, and identities of Plaintiff and the class; knowingly using those photographs, likenesses, names, and identities for the commercial purpose of selling access to them in Ancestry products

Holiday shopping has started in earnest following Thanksgiving. Statistics show that with the pandemic, more shopping will be done online this year than ever before. We provided some tips last week, but I had an opportunity since then to participate in an interview and a podcast on the subject and want to pass them along

Three recent events are prompting me to update our previous blog post on the difficult decision of whether to pay or not to pay ransomware following an attack [view related post].

The first event is the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory on October 1, 2020,

Baltimore County Public Schools shut down Monday and Tuesday following a ransomware attack that paralyzed the school system’s network last week right before Thanksgiving.

According to the Baltimore Sun, officials described the event as a “catastrophic attack on our technology system.” The ransomware attack is reported to have hit the entire Baltimore County Public Schools’

To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) recently issued a report on best practices to respond to and recover from cybersecurity incidents in the utility industry.

Like other industries, the utility industry is at high risk for cyber-attacks