Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom to get the decryption key to unlock the data, the PayPal account page is fake and when the victim lands on the fake page, the criminals steal their account login credentials. On top of that, when the victim puts the…

The California Consumer Privacy Act of 2018 (CCPA) is here and it’s best to start now to learn what this law is, who it applies to, and what you and your business can do to be prepared. This article is a follow up to our earlier post on the CCPA. Although the Act was passed in 2018 and signed into law by Gov. Jerry Brown on June 28, 2018, the effective date is January 1,…

Although the Massachusetts Data Security Regulations went into effect March 1, 2010, I still find that many companies have not implemented a Written Information Security Program (WISP) and don’t know that they are required to do so. According to the regulations, any companies or persons who store or use personal information of a Massachusetts resident must develop and implement a WISP that outlines the measures the company is taking to protect the personal information of…

A California federal judge held that a standard comprehensive general liability (CGL) aircraft exclusion barred liability coverage for injuries suffered as a result of drone operations. The injuries occurred when a wedding photographer used a drone to capture images at a wedding reception and the drone hit a guest who sustained serious injuries, including loss of sight in one eye. The court determined that the insurance company could recover the costs incurred by the company…

We previously cautioned that telephone companies sell customer data to third parties, including location data [view related posts here]. Last year, the telecom industry pledged to stop the practice after pressure by members of Congress. Earlier this month, Joseph Cox of Motherboard released I Gave a Bounty Hunter $300. Then He Located Our Phone and outlined how he gave the individual his phone number and the individual (called a bounty hunter) was able to…

According to reports, a Georgia-based physician who previously pleaded guilty to criminal violations of the Health Insurance Portability and Accountability Act (HIPAA) received six months of probation from a Massachusetts federal judge earlier this week. The physician – a pediatric cardiologist – pleaded guilty in February, 2018 to a misdemeanor count of wrongful disclosure of individually identifiable health information in violation of HIPAA, and had faced up to one year of imprisonment. The physician was…