Category: Data Breach

The Art of Cybersecurity: How Sun Tzu Masterminded the FireEye / US Agencies / SolarWinds Cyberattacks

Sun Tzu taught that, when it comes to the art of cybersecurity, you must be wary of your business partners and other third parties. Why? Unless you are living under a rock, you should have heard that FireEye–perhaps the preeminent cybersecurity firm on the face of the planet–was the victim of a successful cyberattack. So…

Read More

Simple Mistakes – Not Always “The Hackers” – Can Cause Substantial Data Breaches

It is not always the feared and dreaded “hackers” that cause the exposure and breach of confidentiality of sensitive personal information. Sometimes it’s just simple mistakes, but the consequences can be much the same. Consider this situation: NTreatment inadvertently exposed thousands of medical records online by neglecting to add password protection to one of its…

Read More

The Home Depot / State Attorneys General Settlement – My 1st and 2nd Thoughts

The Attorneys General of 46 states reached a $17.5 million-dollar settlement with The Home Depot, which was announced on November 24, 2020. Texas Attorney General Ken Paxton announced that this settlement was led by the Connecticut, Illinois, and Texas AGs and Texas will collect $1,777,440.00. I will have more to say about this settlement in…

Read More

Podcast: #DtSR Episode 410 – TPA CISO Accountability Problems

I was a guest recently on the Down the Security Rabbithole Podcast with Raf Los, James Jardine, and Brandon Dunlap for episode 410 titled TPA CISO Accountability Problems. As they described it: Because we can’t get enough of Brandon Dunlap and Shawn Tuma over here on the podcast, here we go again. Last episode Brandon…

Read More

Texas Bar Journal 2019 Cybersecurity & Data Privacy Update

The Texas Bar Journal’s 2019 year-end Cybersecurity & Data Privacy Update was once again provided by Shawn Tuma and addressed the following issues: Texas’ New Data Breach Notification Requirements effective January 1, 2020 Whether website scraping allegations are sufficient to invoke Texas and federal “hacking” laws Whether viewing pictures on another’s cellphone violates Texas “hacking” law Cyber…

Read More

Ransomware is the single greatest risk your company faces – here’s why

You read that correctly: ransomware is the single greatest risk to your company. Even in times of the COVID-19 global pandemic, ransomware is still the one risk where, tonight, the company CEO can lay her head down on her pillow with the company doing fine, profits up and operations running smoothly, and then wake up…

Read More

Healthcare Providers – Are You Prepared for Hackers to Tell Your Patients About Your Ransomware and Data Breach?

If you are a healthcare provider, you need to prepare yourself now for the new reality that, when hackers get into your network, they will contact your patients to put pressure on you to pay their ransom demands — usually after they have encrypted your network. Here is an example from a recent case that…

Read More

Is #ShameHacking Coming Next? Hackers Breach Search Engine for Japanese Sex Hotels

Shame hacking — the use, or threatened use, of purportedly hacked data for embarrassing or extorting people by threatening to expose such compromising data if they do not comply with the demands made of them — is a thing. A search engine for Japanese sex hotels just announced a breach whereby hackers may have accessed…

Read More
%d bloggers like this: