On April 13, 2021, the U.S. Department of Justice announced that the Federal Bureau of Investigation executed a court-authorized removal of malicious web shells from hundreds of vulnerable computers in the U.S.
Continue Reading Court Authorizes FBI to Remove Web Shells from Compromised Microsoft Exchange Servers
Hacker
Dutch Regulator Fines Booking.com 475,000 Euros for Late Breach Reporting
Posted on
Posted in Enforcement, European Union
On March 31, 2021, the Dutch Data Protection Authority, announced a fine of 475,000 Euros for Dutch headquartered online travel agency Booking.com for failure to report a data breach within 72 hours of becoming aware of the incident in 2019.…
Continue Reading Dutch Regulator Fines Booking.com 475,000 Euros for Late Breach Reporting
Florida Water Hack Shows Danger of Remote Access Vulnerabilities
Posted on
Posted in Security Breach
On February 8, 2021, Pinellas County, Florida officials announced that a hacker had remotely gained access to the City of Oldsmar’s water treatment system on two separate occasions and was able to change the setting for sodium hydroxide in the water supply. The incident highlights the danger to local government information systems and the dangers of remote access vulnerabilities.…
Continue Reading Florida Water Hack Shows Danger of Remote Access Vulnerabilities
D.C. Court Rejects Attorney-Client Privilege and Work Product Protections in Data Breach Case
Posted on
On January 12, 2021, in Wengui v. Clark Hill, PLC, et al., the United States District Court for the District of Columbia rejected a law firm defendant’s assertions of the attorney-client privilege and work product doctrine for forensic reporting and other related information associated with its outside counsel’s data breach investigation. …
Continue Reading D.C. Court Rejects Attorney-Client Privilege and Work Product Protections in Data Breach Case
ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
Posted on
On November 13, 2020, the UK Information Commissioner’s Office fined Ticketmaster UK Limited £1.25 million for failing to keep its customers’ personal data secure.…
Continue Reading ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
ICO Fines Marriott International £18.4 Million for Security Breach
Posted on
Posted in International, Security Breach
On October 30, 2020, the UK Information Commissioner’s Office announced its fine of £18.4 for Marriott International, Inc., for violations of the GDPR, a significant decrease from the proposed fine of £99,200,396 announced in July 2019.…
Continue Reading ICO Fines Marriott International £18.4 Million for Security Breach
OCR Settles with Orthopedic Clinic for $1.5 Million for Alleged HIPAA Noncompliance
Posted on
Posted in Health Privacy, Security Breach
On September 21, 2020, the U.S. Department of Health and Human Services Office for Civil Rights announced a $1.5 million settlement with Athens Orthopedic Clinic PA for alleged violations of the HIPAA Privacy and Security Rules.…
Continue Reading OCR Settles with Orthopedic Clinic for $1.5 Million for Alleged HIPAA Noncompliance
Part 3: The Cost of Ignoring Cybersecurity: A Board’s Role in Overseeing and Managing Cyber Risk
Posted on
Posted in Cybersecurity, Multimedia Resources
Watch the final part of a weekly series on Cybersecurity Law and Governance originally published by S4 Events featuring Hunton partner Lisa Sotto. …
Continue Reading Part 3: The Cost of Ignoring Cybersecurity: A Board’s Role in Overseeing and Managing Cyber Risk
Part 1: The Cybersecurity Threat Landscape
Posted on
Posted in Cybersecurity, Multimedia Resources
Watch part 1 of a weekly series on Cybersecurity Law and Governance featuring Hunton partner Lisa Sotto. …
Continue Reading Part 1: The Cybersecurity Threat Landscape
London Breakfast Briefing: Lessons Learned from Recent UK/EU Enforcement Action and Understanding Cybersecurity Threats
Posted on
Update: We are monitoring the COVID-19 situation and, like many of you, re-assessing our in-person gatherings and events over the next few months. As an immediate step, we have decided to postpone our London Breakfast Meeting and will circulate details of a webinar on this topic shortly. We thank you for your understanding.
On March 17, 2020, Hunton Andrews Kurth LLP will host a breakfast briefing in our London office, with guest speakers from Deloitte’s Cyber Breach Support team, to explore UK and EU cyber enforcement trends and discuss the current cybersecurity threat environment. In the face of record-breaking fines handed out by the regulators, securing networks, hardening systems, and protecting data from cyber attacks is becoming ever more critical. Understanding common cyber threats, including the attack vectors, how they work, and how they can be detected, is key to working with IT security colleagues to protect an organization from cyber attacks and respond to incidents. …
Continue Reading London Breakfast Briefing: Lessons Learned from Recent UK/EU Enforcement Action and Understanding Cybersecurity Threats