cyberattack Archives - Page 4 of 5

Disruptionware V: Malicious Cyber Actors Attack a Florida Water Treatment Facility

We have posted four previous articles discussing the foundation and structure of what a disruptionware attack is, how their attack matrix works, possible defenses to disruptionware attacks and industries that are very susceptible to these attacks. Disruptionware has proven over the last year that it is a growing and dangerous cyber threat to our data, our businesses and possibly our lives.

Disruptionware attacks typically involve ransomware and they aim to encrypt and hold the victim’s data hostage. Such attacks are usually financially motivated, and, to date, there have fortunately been only a few known examples where the disruptionware attack has resulted in threats to health and safety or caused loss of life. When such significant collateral damage has occurred, it typically appears to have been inadvertently caused.

Continue reading “Disruptionware V: Malicious Cyber Actors Attack a Florida Water Treatment Facility”

Buyer Beware: The Internet of Things Comes Under New Cyber Attack from Multiple Fronts

It is estimated that by the end of 2020, there will be more than 50,000,000,000 (yes, billion) connected devices that are part of the Internet of Things (IoT). This is a five million percent increase in IoT devices over the last 20 years. Most of these devices are designed and manufactured for use in homes and vehicles or are wearable devices. These devices include everything from home security cameras to baby monitors, thermostats, car ignition starters, smart watches and even medical devices, such as pacemakers. There are literally thousands of different types of IoT devices that integrate into almost every aspect of your home and work life.

Continue reading “Buyer Beware: The Internet of Things Comes Under New Cyber Attack from Multiple Fronts”

Marriott Cyberattack Fine Reduced as ICO Shifts Penalty Policy

More than two years after receiving a massive initial fine, hotel chain Marriott International, Inc. reduces a cyberattack penalty by more than 80%. A shift in the United Kingdom’s Information Commissioner’s Office (ICO) calculation policy, along with other mitigating factors, led to the significant decrease. While the ICO reinforces the importance of responsibilities of data controllers in managing sophisticated cyberattacks, this latest development marks a continued shift away from turnover-centric penalty policies.

For the full alert, visit Faegre Drinker’s website.

Multiple Federal Agencies Jointly Warn of Increased and Imminent Cybercrime Threat to U.S. Hospitals and Healthcare Providers

On October 28, 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) issued a Joint Cybersecurity Advisory warning of “an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The agencies collectively warned that “malicious cyber actors are targeting the Healthcare and Public Health (HPH) Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.”

Continue reading “Multiple Federal Agencies Jointly Warn of Increased and Imminent Cybercrime Threat to U.S. Hospitals and Healthcare Providers”

Community Health Systems Enters Into Five-Million-Dollar, Multi-State Settlement Agreement in Connection with 2014 Data Breach

On October 8, 2020, Community Health Systems, Inc. (Community Health) and its subsidiary CHSPSC, LLC entered into a settlement agreement with 28 states for $5 million to resolve claims related to a 2014 data breach. Community Health owns over 200 hospitals across the United States and is one of the largest hospital networks in the country. The multi-state settlement follows a separate $2.3 million settlement that Community Health reached with the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) in connection with the same data breach.

Continue reading “Community Health Systems Enters Into Five-Million-Dollar, Multi-State Settlement Agreement in Connection with 2014 Data Breach”

Dunkin’ Brands, Inc. Agrees to Pay $650,000 to Settle 2019 Data Breach Lawsuit Brought by the New York Attorney General’s Office

On September 15, 2020, the New York Attorney General’s Office (NYAG) announced a settlement with Dunkin’ Brands, Inc. (Dunkin) in connection with a September 2019 lawsuit brought by the NYAG against Dunkin for alleged failures to adequately respond to cyberattacks that impacted approximately 300,000 customers. The proposed settlement—which still must be approved by the court—requires Dunkin to, among other things, notify customers impacted by the attacks, maintain specific cybersecurity procedures to prevent future cyberattacks, and pay $650,000 in penalties.

Continue reading “Dunkin’ Brands, Inc. Agrees to Pay $650,000 to Settle 2019 Data Breach Lawsuit Brought by the New York Attorney General’s Office”

DISCERNING DATA

A Faegre Drinker Blog Covering the Latest in Privacy, Cybersecurity and Data Strategy

Tag: cyberattack