Data Privacy & Cybersecurity Blog Posts From March 2019
Blog: Emerging Trend: Managed Service Providers Targeted with Ransomware
Date: March 25, 2019
Title: Emerging Trend: Managed Service Providers Targeted with Ransomware
Summary: An emerging cyber-attack trend is shifting the paradigm for both cyber-preparedness and incident response: ransomware attacks targeting managed service providers. This is, in part, because the size of these attacks can be an order of magnitude larger in terms of the number of entities that are simultaneously affected, and because of the corresponding large-scale efforts that must be undertaken to swiftly and effectively remediate these attacks. ...
Blog: Choosing the Wrong Partners in a Ransomware Attack - Making a Bad Situation Worse
Date: March 22, 2019
Title: Choosing the Wrong Partners in a Ransomware Attack - Making a Bad Situation Worse
Summary: Companies who make a Bitcoin payment in the face of a ransomware attack may run afoul of U.S. anti-money laundering laws. In particular, any company that makes such a payment risks being categorized as a “money service business” under the Bank Secrecy Act and corresponding U.S. Treasury regulations, opening them up to a whole host of compliance statutes and regulations....
Blog: Illinois Expands the Definition of “Injury” Under the Biometric Information Privacy Act
Date: March 01, 2019
Title: Illinois Expands the Definition of “Injury” Under the Biometric Information Privacy Act
Summary: A recent decision issued by the Supreme Court of Illinois seems to stand for the proposition that the risk of harm to an individual stemming from a violation of the Illinois Biometric Privacy Act is so great that an impacted individual need not establish actual harm or injury to bring a claim. Rather, according to the Supreme Court of Illinois, exposure to the risk of actual harm or injury, standing alone, is sufficient....