Tag Archive for: Lawsuits

5 Lawsuits Filed in Ransomware Breach Affecting 3.3 Million

/in


Fraud Management & Cybercrime
,
Healthcare
,
HIPAA/HITECH

Proposed Class Actions Against Regal Medical Group Allege Negligence, Other Claims

Marianne Kolbasuk McGee (HealthInfoSec) •
February 22, 2023    

5 Lawsuits Filed in Ransomware Breach Affecting 3.3 Million
Regal Medical Group in California is facing at least five proposed class action lawsuits following a ransomware incident involving data exfiltration that affected more than 3.3 million individuals.

At least five proposed class action lawsuits have been filed in recent days in the wake of a California medical group’s Feb. 1 report of a ransomware attack last December that affected more than 3.3 million individuals.

See Also: OnDemand | Navigating the Difficulties of Patching OT

The proposed lawsuits filed so far against Regal Medical Group, its affiliated Heritage Provider Network and other affiliated groups include four federal complaints filed since Feb. 13 in the U.S. District Court for the Central District of California, plus at least one complaint filed in a California state court on Feb. 9.

Regal, which has more than 3,000 doctors and touts itself as one of the largest physician-led healthcare networks in southern California, reported the hacking incident on Feb. 1 to the Department of Health and Human Services as affecting several of its affiliated medical groups.

The groups whose patients were affected by the incident include Lakeside Medical Organization and Affiliated Doctors of Orange County and Greater Covina Medical Group. The groups also are affiliates of Heritage Provider Network, a managed care plan (see:…

Source…

$350 Million Settlement of T-Mobile Breach Lawsuits Proposed

/in


Breach Notification
,
Cybercrime
,
Fraud Management & Cybercrime

On Top of Settling With Victims, Telecom Carrier Would Invest More in Security

Prajeet Nair (@prajeetspeaks) •
July 23, 2022    

$350 Million Settlement of T-Mobile Breach Lawsuits Proposed

A proposed $350 million settlement to resolve a consolidated class action lawsuit against the U.S. telecom carrier T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs.

See Also: OnDemand | Zero Tolerance: Controlling The Landscape Where You’ll Meet Your Adversaries

Under the settlement, T-Mobile is required to invest an additional $150 million to bolster its data security and related technology in 2022 and 2023, according to the settlement described in an SEC filing.

Terms of Settlement

The proposed agreement, which was filed in federal court in Missouri on Friday, would settle a class action lawsuit that consolidated more than 40 lawsuits filed after the data breach was revealed in August 2021 by the U.S. telecom carrier.

It awaits court approval that is “expected as early as December 2022 but could be delayed by appeals or other proceedings,” the filing says.

The telecom carrier says it denies all the allegations made in the complaints filed against them, especially those that describe T-Mobile’s failure to protect customer data, and states that the settlement is not an admission of “liability, wrongdoing or responsibility.”

“T-Mobile denies all material allegations of the Amended Complaint and specifically…

Source…

State of the Word, Gravatar Breaches, Log4J, Alexa Retires, Lawsuits, and More 🗞️ January 2022 WordPress News w/ CodeinWP

/in


Publishers sue Google and Facebook over ad revenue

In a newly consolidated antitrust lawsuit, more than 30 companies that collectively own 200+ local newspapers are suing Google and Facebook, alleging that the two companies manipulated the digital ad market and caused local publishers to lose money.

The goal of the lawsuit is “to recover past damages to newspapers,” as Axios reports.

As part of the lawsuit, the companies allege that Google and Facebook colluded to maximize Google and Facebook’s take-home of advertising revenue (at the expense of local publishers).

This comes on the backs of another lawsuit from publishers with respect to Google AMP, which we got an unredacted look at in October 2021.

If you’ve been building websites for a while now, you probably remember the massive push to adopt Google’s AMP framework around 2016.

AMP content was supposed to load faster on mobile, thanks to a stripped-down code base and caching on Google’s servers.

Google also gave AMP content special placement in the mobile SERPs, as your site needed to be using AMP to show up in the “Stories” section. Side note – this is no longer the case, in part because of what I’ll discuss below.

Because of this push, a lot of publishers did adopt AMP…and now they also aren’t happy with Google, in large part because of details such as Google’s knowledge that publishers using AMP were getting ~40% less revenue and that AMP might not have actually made things faster (and that Google might have actively throttled non-AMP content).

Put these cases together and you can definitely notice a trend of publishers pushing back against large tech corporations. This is especially true of local media publishers, who are in tough straights with the shift to the digital economy.

Are these the last gasps of a slowly dying industry or will we see meaningful reforms over how large tech companies interact with media publishers? Well, I guess we’ll find out when we see how the lawsuits go.

Source…

Indictment, Lawsuits Revive Trump-Alfa Bank Story – Krebs on Security

/in


In October 2016, media outlets reported that data collected by some of the world’s most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump Organization and Alfa Bank, one of Russia’s largest financial institutions. Those publications set off speculation about a possible secret back-channel of communications, as well as a series of lawsuits and investigations that culminated last week with the indictment of the same former federal cybercrime prosecutor who brought the data to the attention of the FBI five years ago.

The first page of Alfa Bank’s 2020 complaint.

Since 2018, access to an exhaustive report commissioned by the U.S. Senate Armed Services Committee on data that prompted those experts to seek out the FBI has been limited to a handful of Senate committee leaders, Alfa Bank, and special prosecutors appointed to look into the origins of the FBI investigation on alleged ties between Trump and Russia.

That report is now public, ironically thanks to a pair of lawsuits filed by Alfa Bank, which doesn’t directly dispute the information collected by the researchers. Rather, it claims that the data they found was the result of a “highly sophisticated cyberattacks against it in 2016 and 2017” intended “to fabricate apparent communications” between Alfa Bank and the Trump Organization.

The data at issue refers to communications traversing the Domain Name System (DNS), a global database that maps computer-friendly coordinates like Internet addresses (e.g., 8.8.8.8) to more human-friendly domain names (example.com). Whenever an Internet user gets online to visit a website or send an email, the user’s device sends a query through the Domain Name System.

Many different entities capture and record this DNS data as it traverses the public Internet, allowing researchers to go back later and see which Internet addresses resolved to what domain names, when, and for how long. Sometimes the metadata generated by these lookups can be used to identify or infer persistent network connections between different Internet hosts.

The DNS strangeness was first identified in 2016 by a group of…

Source…