I have never been a fan of TikTok. In general, I do not trust any Chinese technology companies because of the influence and requirements the Chinese government wields over them....more
8/7/2020
/ Biometric Information ,
China ,
Data Collection ,
Data Security ,
Facial Recognition Technology ,
Foreign Relations ,
Legislative Agendas ,
Mobile Apps ,
Personally Identifiable Information ,
Social Media ,
TikTok ,
Trump Administration
On July 20, 2020, the Connecticut Insurance Department issued a bulletin to licensees reminding them that the Connecticut Insurance Data Security Law (“Act”) becomes effective on October 1, 2020 and providing guidance on...more
This week, I received a breach notification letter from a large financial institution stating that my personal information, including my name, Social Security number, account name and number, contact information, date of...more
As you know, I very rarely download mobile apps. Except for a multi-factor authentication app, and of course, the Jumbo privacy app....more
6/12/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Dark Web ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Mobile App Privacy Guidelines ,
Personally Identifiable Information
After incidents of Zoom “bombing,” including a recent intrusion by hackers to disrupt a church service with foul content (don’t these guys have better things to do?), it has been reported that hackers are now taking advantage...more
Adult Streaming Site Leaves 7TB of Users’ Information Unsecured -
Live adult streaming website CAM4 has reportedly not secured 7TB of users’ information, which may be able to be used for blackmail and identity theft...more
5/11/2020
/ California Consumer Privacy Act (CCPA) ,
Charitable Organizations ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Hackers ,
Health Care Providers ,
OCR ,
Personally Identifiable Information ,
Scams
ExecuPharm Data Stolen in Ransomware Attack Published on Internet -
In a growing trend, pharmaceutical company ExecuPharm became the victim of a ransomware attack on March 13, 2020, by the CLOP ransomware group, which...more
I always enjoy hosting and participating in the CISO Executive Network meetings. The meetings offer Chief Information Security Officers (CISOs) the opportunity to discuss together ways they can improve security in their...more
Sodinokibi Hackers Switch Payment Mechanism to Monero -
The hackers behind the Sodinokibi/REvil ransomware have reportedly switched their demands for payment from Bitcoin or Ethereum to Monero cryptocurrency to try to...more
4/19/2020
/ Bitcoin ,
CARES Act ,
Coronavirus/COVID-19 ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Financial Stimulus ,
Hackers ,
INTERPOL ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Mitigation ,
Scams
Interpol has issued an alert to global law enforcement agencies about the increased risk of ransomware attacks on hospitals, health care providers and other organizations on the front line of response to the COVID-19...more
4/18/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Hospitals ,
INTERPOL ,
Popular ,
Ransomware
Microsoft Issues Cybersecurity Risk Warning and Offers Help to Hospitals During COVID-19 Crisis -
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk...more
4/6/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Microsoft ,
OCR ,
Popular ,
Telemarketing ,
Vulnerability Assessments
On April 1, 2020, Microsoft issued a specific warning to health care entities alerting them that they are at particular risk during the COVID-19 crisis, as threat actors are using the pandemic to take advantage of...more
In response to the coronavirus crisis, many companies have mandated that employees work from home in order to assist in slowing the spread of the virus....more
City of Durham, NC Hit With Ryuk Ransomware -
Another city—Durham, North Carolina—has become the victim of a ransomware attack stemming from a Russian hacker group following a successful phishing scheme. After falling...more
3/13/2020
/ California Consumer Privacy Act (CCPA) ,
China ,
Coronavirus/COVID-19 ,
Crisis Management ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Infectious Diseases ,
Municipalities ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Private Right of Action ,
Public Health ,
Ransomware
Two Las Vegas casinos’ networks were down over the past week, with posted signs saying “Cash Only” throughout the casinos after a suspected ransomware attack. Electronic slot machines were silent as the casinos reacted to the...more
3/6/2020
/ Casinos ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Loss Prevention ,
Data Privacy ,
Data Protection ,
Data Security ,
E-1 ,
Gaming ,
Hackers ,
Medicare Part D ,
OIG ,
Ransomware ,
Scams ,
Wire Fraud
Natural Gas Compressor Facility Shut Down After Ransomware Attack -
The Department of Homeland Security (DHS) announced this week that a ransomware attack shut down a natural gas compressor facility for two days. While in...more
2/25/2020
/ Bitcoin ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Emergency Response ,
Extortion ,
Hackers ,
OCR ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Settlement Negotiations ,
TCPA
Every year, we remind our readers that the HIPAA data breach notification regulations require covered entities to notify the Office for Civil Rights (OCR) of any reportable data breaches that involved fewer than 500...more
2/21/2020
/ Covered Entities ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Filing Deadlines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
OCR ,
PHI ,
Regulatory Requirements ,
Reporting Requirements ,
Self-Reporting
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion -
Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
2/14/2020
/ Bitcoin ,
Brand ,
California Consumer Privacy Act (CCPA) ,
China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Wallets ,
Drones ,
Email ,
Emergency Response ,
General Data Protection Regulation (GDPR) ,
Hackers ,
Legislative Agendas ,
Medical Devices ,
Personal Data ,
Personally Identifiable Information ,
Phishing Scams ,
Proposed Legislation ,
Regulatory Requirements ,
Risk Mitigation ,
Rulemaking Process ,
State Attorneys General ,
Threat Management ,
Unmanned Aircraft Systems ,
Vulnerability Assessments
The Ponemon Institute recently issued its 2020 Cost of insider Threats Global Report, which finds that the frequency and cost of insider threats is continued to increase. Sponsored by ObserveIT and IBM, the 2020 report is the...more
2/11/2020
/ Confidential Information ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Misconduct ,
Information Sharing ,
Internal Controls ,
Negligence ,
Popular ,
Risk Management ,
Threat Management ,
Vulnerability Assessments
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
2/7/2020
/ China ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Drones ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Identity Theft ,
Infectious Diseases ,
Malware ,
Medical Records ,
OCR ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Public Health ,
Retailers ,
Tax Fraud ,
Vulnerability Assessments
Concern over the spreading coronavirus from China is legitimate and real. The World Health Organization (WHO) has declared the coronavirus a global health emergency, and the United States and other countries are limiting...more
2/5/2020
/ China ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Infectious Diseases ,
Information Security ,
Malware ,
Personally Identifiable Information ,
Public Health ,
Vulnerable Victims ,
World Health Organization
The National Institute of Standards and Technology (NIST) released its first privacy framework tool (the “Privacy Framework”) on January 16, 2020. In the Executive Summary...more
1/23/2020
/ Consumer Privacy Rights ,
Cybersecurity ,
Cybersecurity Framework ,
Data Privacy ,
Data Protection ,
Data Security ,
Framework Agreement ,
NIST ,
Personal Data ,
Popular ,
Risk Management
FBI Warns of Retaliatory Cyber-Attack from Iran -
The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This...more
1/17/2020
/ Assassinations ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Dating Services ,
Drones ,
Federal Aviation Administration (FAA) ,
GAO ,
Hackers ,
Information Management ,
Iran ,
Mobile Apps ,
Online Reviews ,
Personal Data ,
Personally Identifiable Information ,
Research Reports ,
Risk Management ,
State Attorneys General ,
Unmanned Aircraft Systems ,
Vulnerability Assessments ,
Yelp
The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This follows the warning last week by the Department of...more
1/17/2020
/ Assassinations ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
FBI ,
Hackers ,
Information Management ,
Infrastructure ,
Iran ,
Phishing Scams ,
Popular ,
Retaliation ,
Risk Management ,
Risk Mitigation ,
Terrorist Threats ,
Vulnerability Assessments
Department of Homeland Security Warns of Cyber-Attacks by Iran -
The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more
1/10/2020
/ Assassinations ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
Drones ,
Federal Aviation Administration (FAA) ,
Financial Services Industry ,
Foreign Relations ,
Hackers ,
Information Sharing ,
Iran ,
Microsoft ,
NYDFS ,
Operating System Developers ,
Personally Identifiable Information ,
Risk Management ,
Risk Mitigation ,
Unmanned Aircraft Systems ,
Vulnerability Assessments