Tag Archives: Hackers

New Mexico Enacts Data Breach Notification Law

Governor Susana Martinez recently signed into law the New Mexico “Data Breach Notification Act” (the Act), making New Mexico the 48th state (plus Puerto Rico and the District of Columbia) to adopt legislation mandating the provision of notice in the event of a data breach. The Act – which takes effect June 16, 2017 – … Continue Reading

Eight Thousand Clients Affected by Data Breach at Two Massachusetts Accounting Firms

Two Massachusetts accounting firms separately recently notified the Office of the Massachusetts Attorney General and the Office of Consumer Affairs and Business Regulation of data breach incidents at their firms, resulting in the unauthorized access of their respective clients’ names, addresses and Social Security numbers. The first accounting firm, King McNamara Moriarty LLP (KMM) discovered … Continue Reading

IRS to Notify 100,000 Taxpayers That Their Information May Have Been Obtained Through Misuse of FAFSA Retrieval Tool

On Thursday, Internal Revenue Service (“IRS”) Commissioner John Koskinen testified that the personal data of up to a 100,000 taxpayers could have been compromised as a result of criminal use of the Free Application for Federal Student Aid Data Retrieval Tool (“DRT”). Last week, we posted that the IRS disabled the tool after it suspected … Continue Reading

Yahoo Breaches Cost Shareholders $350 Million From Lowered Purchase Price, CEO Forfeits $14 Million in Compensation

Yahoo’s troubles for failing to timely disclose security breaches provides rare insight into quantifying the financial and other costs to a company’s shareholders and leadership when a security breach occurs and is mishandled. In 2014, more than a billion Yahoo accounts were hacked. Then in 2015 and 2016, more than 500,000 Yahoo user accounts were … Continue Reading

Sony Cyber-Attackers Lurking at Financial Supervisor “Watering Hole” Target Banks and Others

Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104 organizations in 31 countries. Researchers and investigators have long attributed the 2014 Sony attack, which crippled computer systems and revealed internal emails, to … Continue Reading

Major League Baseball fines Cardinals and Plucks Draft Picks for Hacking the Astros

It doesn’t always pay to be a hacker. Major League Baseball (MLB) this week made a strong statement about its tolerance for teams hacking other teams. We previously reported on the incident when a Cardinals employee hacked into the Astros database to lift information about scouting and rankings of eligible draft picks. [view related posts … Continue Reading

Los Angeles Community College Pays Ransomware to Retrieve Data

On December 30, 2016, the Los Angeles Community College computer network was kidnapped by cyber criminals requesting a ransom for its return. The ransomware encrypted the college’s entire network system, including email and voice mail systems. Rather than attempt to restore all of the data days before classes were to resume, on January 4, 2017, … Continue Reading

Three Chinese Citizens Charged with Hacking New York Law Firms

Preet Bharara, the U.S. Attorney for the Southern District of New York, announced that three Chinese citizens have been charged for attempting to hack into seven law firms involved in mergers and acquisitions to pilfer information to use for insider trading. The suspected hackers were successful in hacking into the information systems of two unidentified … Continue Reading

Trading Card Maker Topps Notifies Customers of Data Breach

According to several media outlets, Topps, whose products include sports trading cards, recently notified customers via email of a security breach. Information that may have been compromised includes bank account numbers, names, and email addresses of customers who placed orders between July 30 and October 12, 2016. Topps has not publicly released the number of … Continue Reading

The State of Cybersecurity in 2016 and the (potential) Great Cyber Fire

Cybersecurity hit the news hard in 2016. The number of high profile, and troubling, cyber incidents increased significantly. The Democratic National Committee and one of Clinton’s top advisor’s being hacked, with leaked emails by Russia, according to intelligence reports, may have influenced the U.S. election. Theft of document from the Mossack Fonseca law firm in … Continue Reading

2016 Was the Year of the Data Breach

Although every year we lament about the significance of data breaches in the past year, 2016 was by far the worst. Data breaches were rampant, victimizing every industry and numbing consumers in the process. It was so bad that consumers began to throw up their hands and say “My personal information is out there anyway. … Continue Reading

Cyber-attack on LA County Compromises 756,000 individuals’ information

A Nigerian national has been charged with a cyber-attack on Los Angeles County employees that compromised the personal information of over 756,000 people. The attack took place on May 13, 2016, when the attacker sent a phishing email to over 1,000 LA County employees from several departments. 108 of the employees provided the hacker with … Continue Reading

Top Ten Education Developments, Breaches, and Settlements of 2016

This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of Family Educational Rights and Privacy Act (FERPA) and the Telephone Consumer Protection Act (TCPA) as it applies to educational … Continue Reading

Yahoo Announces Another Breach of One Billion Accounts

Yahoo Inc. announced on December 14th that hackers stole the personal information of more than one billion users, which is in addition to the 500 million accounts compromised that was announced in September. In its announcement, Yahoo said that an investigation found that hackers stole names, email addresses, telephone numbers, dates of birth, hashed passwords, encrypted … Continue Reading

University of Wisconsin Announces Data Breach of Law School Applicants

Last week, the University of Wisconsin Law School notified 1,213 applicants from 2005-2006 that their names and Social Security numbers were breached back in November. The University discovered that a hacker gained access to the applicants’ data on November 3rd, but the investigation is still ongoing. No other personal information was accessed. A spokesman for … Continue Reading

Quest Diagnostics Announces Breach of 34,000 Records

Quest Diagnostics, which operates medical laboratories, has announced that 34,000 customer records were exposed during a hacking incident that occurred on November 26th. The hacker obtained access to the information through an internet application on Quest’s network. The compromised information includes patient names, dates of birth, lab results, and some telephone numbers. No Social Security … Continue Reading

New IBM/Ponemon Study Shows Low Organizational Cyber Resilience

A new IBM/Ponemon Study released late last week, 2016 Cyber Resilient Organization, reveals that only 32 percent of IT and security professionals believe that their organization has a “high” level of cyber resilience. The study interviewed 2,400 IT and security personnel across the world. The study shows that 66 percent of those professionals believe that … Continue Reading

Privacy Tip #62 – PoisonTap Can Compromise Computer with USB Stick

Security researcher Samy Kamkar has announced that a new hacking tool—PoisonTap—can  be loaded onto a USB stick and used to hijack the Internet connection of one’s computer. The way it works is that if someone leaves their computer unattended, a hacker can stick the USB drive into the unattended laptop and although the individual may … Continue Reading

International Cellular Roaming – Am I Secure?

Many firms have strict international travel policies in relation to the use of technology. These policies tend to be more skewed towards countries with greater state control over communications networks and specifically the internet. However, the reality is that you are vulnerable whenever your device is roaming internationally. When roaming, local providers use a global … Continue Reading
LexBlog