CYBERSECURITY -
OFAC Issues Advisory on Sanctions for Facilitating Ransomware Payments -
On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory “to...more
10/5/2020
/ Building Inspectors ,
Business Continuity Plans ,
California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
Economic Sanctions ,
Financial Institutions ,
Fraud ,
Hackers ,
HIPAA Breach ,
Identity Theft ,
OCR ,
Office of Foreign Assets Control (OFAC) ,
PHI ,
Ransomware ,
Regulatory Agenda ,
Unemployment Benefits
On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory “to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled...more
10/5/2020
/ Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Digital Wallets ,
Economic Sanctions ,
Financial Institutions ,
Foreign Policy ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
Risk Management ,
Risk-Based Approaches ,
Sanction Violations
In the wake of the increase in ransomware attacks, including data exfiltration prior to or during a ransomware attack, I think it is worth the time and resources to focus on data recovery and business continuity....more
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put...more
10/5/2020
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Federal Contractors ,
Hackers ,
Information Security ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Third-Party Service Provider ,
Vendors
The U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) has announced that it has settled potential violations of HIPAA with Athens Orthopedic Clinic PA (Athens) for $1.5 million, following an...more
10/5/2020
/ Data Breach ,
Electronic Medical Records ,
Enforcement Actions ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Personally Identifiable Information ,
PHI ,
Settlement Agreements
I have received many questions this week on what to do if you are the victim of a fraudulent unemployment claim. It is unbelievable how many people I know who have become victims—yes—including myself....more
CYBERSECURITY -
VA Alerting 46,000 Veterans of Compromise -
The U.S. Department of Veterans Affairs Office of Management (VA) has announced that it is notifying approximately 46,000 veterans that their personal...more
9/18/2020
/ Cyber Insurance ,
Data Breach ,
Data Protection ,
Deep Fake ,
Department of Veterans Affairs ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Personally Identifiable Information ,
Right of Access ,
Social Media ,
Veterans
It is sometimes surprising how gullible well-intentioned folks are, and how we all can be manipulated by social media. That is the basic conclusion of researchers at the University of Amsterdam’s School of Communications...more
The U.S. Department of Veterans Affairs Office of Management (VA) has announced that it is notifying approximately 46,000 veterans that their personal information was compromised when hackers were able to access an online...more
Cyber liability insurers are in a good position to provide insight into the types of cyber incidents that are hitting the industry. Coalition, a provider of cyber insurance globally, which “serves over 25,000 small and...more
The Office for Civil Rights (OCR) announced yesterday that it has settled five investigations in its HIPAA Rights to Access Initiative (Initiative), which it announced would be an enforcement priority for it starting in 2019....more
CYBERSECURITY -
City of Hartford Hit with Ransomware Attack, Causing School Delay -
Cyber-attackers know that city and town officials have been gearing up for the start of school and the potential for remote learning,...more
9/14/2020
/ California Consumer Privacy Act (CCPA) ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Department of Justice (DOJ) ,
Facial Recognition Technology ,
Hackers ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Regulatory Violations ,
TCPA ,
Vulnerable Victims
Cyber-attackers know that city and town officials have been gearing up for the start of school and the potential for remote learning, in school or a hybrid model all summer. The daily monitoring of the coronavirus has kept...more
On September 9, 2020, the Portland, Oregon City Council voted unanimously to ban the use of facial recognition technology by the city government, including the police department, following similar actions by the cities of...more
9/14/2020
/ Biometric Information ,
Data Collection ,
Discrimination ,
Facial Recognition Technology ,
Invasion of Privacy ,
Law Enforcement ,
Local Ordinance ,
Personal Data ,
Public Agencies ,
Public Venues ,
State and Local Government
The Department of Justice recently indicted four men—two of whom are located in Canada and two in New York—for a mass-mailing scheme that bilked thousands of senior citizens out of tens of millions of dollars....more
CYBERSECURITY -
FBI + CISA Issue Joint Alert on Vishing Attacks -
When the Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) get together to issue an alert to warn us...more
9/4/2020
/ Australia ,
Cisco ,
Cyber Crimes ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Drones ,
FBI ,
Federal Trade Commission (FTC) ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Mobile Apps ,
Online Education ,
Phishing Scams ,
Popular ,
Vulnerability Assessments
Cisco warned its customers last weekend that it has become aware of a zero-day vulnerability that it is working to fix by developing a patch. The flaw involves Cisco’s iOS XR Software, an operating system for carrier-grade...more
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) recently issued an alert warning the public about vishing campaigns....more
When the Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) get together to issue an alert to warn us about a security threat, you can bet that the threat is real, and that...more
CYBERSECURITY -
U.S. Organizations Doing Business in China Warned of Malware in Tax Software -
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint...more
8/28/2020
/ ALEXA ,
Amazon Echo ,
Audits ,
Automatic License Plate Readers ,
Connected Cars ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Financial Industry Regulatory Authority (FINRA) ,
Location Data ,
Malware ,
Motor Vehicles ,
Personal Assistants ,
Personally Identifiable Information ,
Popular ,
Scams ,
Websites ,
Zoom®
The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint Flash Alert to U.S. based businesses doing business in China about a remote targeting campaign...more
8/28/2020
/ Banks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FBI ,
Foreign Corporations ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Malware ,
Popular ,
Software ,
Tax Planning ,
Tax Preparers
The Financial Industry Regulatory Authority (FINRA) recently warned financial professionals that imposters are attempting to collect personal information of investors by spoofing financial professionals’ websites, reaching...more
Auditors have to continue doing their job of auditing, but with the pandemic, audits now are rarely on-site. Many auditing firms are using remote technology to conduct audits, and companies are either forwarding files...more
I continue to be quite surprised at the lack of understanding that people have about personal assistants such as Alexa and Echo. It seems logical to me that when you yell out “Alexa, turn on the lights!”...more
8/28/2020
/ ALEXA ,
Amazon Echo ,
Connected Items ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Internet of Things ,
Oral Communications ,
Personal Assistants ,
Privacy Concerns
In Coral Gables, Florida, a judge refused to dismiss a lawsuit over the city’s use of automated license plate readers to scan license plates. This technology has faced a number of lawsuits over concerns about the collection...more