Tag Archives: FBI

FBI Issues Warning about Internet-Connected Toys

We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet. The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present privacy … Continue Reading

Take-Aways from WannaCry

We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks will only get more sophisticated. It is being estimated that the cost associated … Continue Reading

West Virginia University Medicine University Healthcare Patients Victims of Identity Theft

West Virginia University Medicine University Healthcare (WVUM) has confirmed that it is sending notification letters to over 7,400 of its patients seen at Berkeley Medical Center as a result of an unauthorized access to their information. It further confirmed that 113 of its patients have become the victims of identity theft as a result of … Continue Reading

Studies Show Ransomware up 6,000% and Reaps Billions and Phishing Emails are Used in 91% of all Cyber-Attacks

A recent IBM study shows that ransomware increased 6,000 percent in 2016 over 2015. According to the report, ransomware was present in almost 40 percent of all spam email messages. Ransomware is big business, since according to IBM Research, over 70 percent of business victims of ransomware pay the ransom for the key to get … Continue Reading

2016 Was the Year of the Data Breach

Although every year we lament about the significance of data breaches in the past year, 2016 was by far the worst. Data breaches were rampant, victimizing every industry and numbing consumers in the process. It was so bad that consumers began to throw up their hands and say “My personal information is out there anyway. … Continue Reading

Large Majority of Businesses Pay to Unlock Ransomware

2016 has been a banner year for ransomware cybercriminals. We have seen a dramatic rise in the use of ransomware, and businesses continue to become victims to ransomware, primarily through phishing and spear phishing schemes. The cybercriminals are getting so brazen, that when they attack a business with ransomware, they actually provide instructions on how … Continue Reading

16 Data Breach Class Action Lawsuits Filed Against 21st Century Oncology Consolidated

We previously reported that 21st Century Oncology suffered a data breach in October 2015 involving an intrusion into its systems which compromised around 2 million patients’ records, including their names, Social Security numbers, physicians’ names, insurance information, treatment information and diagnoses [view related posts here and here]. As a result of the data breach, sixteen … Continue Reading

FBI Issues a Private Industry Alert for State Election Systems

The Federal Bureau of Investigation (FBI) issued a private industry alert on August 18, 2016, to State Boards of Election to alert them of hackings into Board of Election websites.  According to the FBI, it “received information of an additional IP address, 5.149.249.172, which was detected in the July 2016, compromise of a state’s Board of … Continue Reading

White House Directive Outlines Who to Call for Help with a Cyber Incident

Last week, the White House issued a new directive that outlines how the government handles significant cyber incidents, which gives the public information on which agency to call in the event of a cyber incident. We often get asked, “Who do we call—the FBI, Secret Service, DOJ, etc.?” The directive outlines what incidents are considered … Continue Reading

Controversy looms over ECPA amendment in wake of Orlando terrorist attack

After the terrorist attack in Orlando, Florida, early this month, the Electronic Communications Privacy Act (ECPA) has been discussed quite a bit. The ECPA, a law which took effect in 1986, limits the government’s access to electronic communications and other information. Due to the advancement in technology over the past 30 years, Congress finds itself … Continue Reading

Privacy Tip #36 – Connected car security

A recent Government Accountability Office report outlined vehicle cybersecurity concerns, outlining that hackers can penetrate the technology of vehicles in both long range and short range attacks, including targeting Bluetooth controls. These car hackings allow the hackers to access steering, brakes, telematics and critical controls of cars. Just to put the threat in context, it … Continue Reading

FAA announces more drone detection testing at JFK Airport

The Federal Aviation Administration (FAA) announced this week that it will be expanding its research on how to detect ‘rogue’ drones near airports. The FAA will join forces with other government agencies and academic partners to experiment with new drone detection technology at JFK Airport in New York. FAA Senior Advisor on drone integration, Mark Gibson, … Continue Reading

Notice of proposed rulemaking, exemption for biometrics database from the grasp of the Privacy Act

Last week, the U.S. Department of Justice (DOJ) issued a notice of proposed rulemaking in the Federal Register moving to exempt the FBI’s biometrics database from the notice and consent provisions of the Privacy Act of 1974 (Privacy Act). The Privacy Act governs the collection, maintenance, use and dissemination of personally identifiable information (PII) that … Continue Reading

FBI issues another warning of a “dramatic increase” in phishing spoofs of CEOs

We have consistently reported about increased phishing attacks through emails that purport to come from high level executives, including CEOs. According to the FBI, the hackers use sophisticated social engineering to spoof company emails to “assume the identity of the CEO, a company attorney, or trusted vendor. They research employees who manage money and use … Continue Reading

Privacy Tip #29 – U.S. + Canada issue joint ransomware special alert—read and follow recommendations

We have frequently alerted individuals and companies about the increasing risk and success posed by sophisticated phishing schemes. It has become such a real and grave problem that the U.S. Computer Emergency Readiness Team of the Department of Homeland Security (US-CERT) has teamed up with the Canadian Cyber Incident Response Centre to issue a joint … Continue Reading

FBI’s cyber most wanted: Spotlight on Firas Dardar and Ahmed Agha

New additions to the FBI’s Cyber’s Most Wanted List show “the line between ordinary criminal hackers and potential national security threats is increasingly blurry,” according to Assistant Attorney General for National Security John Carlin. The FBI is offering a $100,000 award for information leading to the arrest of two Syrian nationals, suspected of committing dozens … Continue Reading

Class action suit filed against 21st Century Oncology for data breach

We previously reported [view related post] that 21st Century Oncology had suffered a data breach and notified 2.2 million patients that it had been the victim of a hacking that exposed the names, Social Security numbers, physicians’ names, diagnosis information, and insurance information of its patients. Although the intrusion occurred in October 2015, 21st Century … Continue Reading

FBI and Traffic Safety Administration issue warning about car hackings

On March 21, 2016, the FBI and the U.S. National Highway Traffic Safety Administration issued a public safety announcement outlining the dangers of cars getting hacked. The announcement follows the media reporting about two security researchers being able to hack into vehicles and being able to remotely control them. It explains that since new vehicles … Continue Reading

FBI issues warning to law firms

The FBI has issued a Private Industry Notification to law firms indicating that a cyber crime insider trading ring is targeting “international law firm information used to facilitate business ventures.” According to the FBI “[T]he scheme involves a hacker compromising the law firm’s computer networks and monitoring them for material, non-public information….This information, gained prior … Continue Reading

Cyber prosecutions update

The feds have been busy on the cyber prosecutions front. First, on March 18, 2016, the FBI announced that a multi-agency collaborative effort blew up an identity theft ring whose leader was an inmate in a Georgia prison. The ring defrauded the federal government up to $1 million. The ring had employees in big box … Continue Reading
LexBlog