Tag Archive for: Victims

The Franklin Mutual Insurance Group Notifies Victims of Recent Data Breach Following Ransomware Attack | Console and Associates, P.C.

/in


On July 13, 2023, The Franklin Mutual Insurance Group (“FMI”) filed a notice of data breach with the Attorney General of Vermont after discovering that an unauthorized party was able to gain access to FMI’s computer network. In this notice, FMI explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information. Upon completing its investigation, FMI began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.

If you received a data breach notification from the Franklin Mutual Insurance Group, it is essential you understand what is at risk and what you can do about it. As we’ve discussed in previous posts, to protect your privacy and prevent identity theft, companies have a legal obligation to keep your private information secure. Thus, when a company’s negligence causes or contributes to a data breach, victims may be able to hold the company financially liable through a data breach lawsuit. A data breach lawyer can help you learn more about how to protect yourself from becoming a victim of fraud or identity theft as well as discuss your legal options following the Franklin Mutual Insurance data breach.

What Caused the Franklin Mutual Insurance Breach?

The Franklin Mutual Insurance data breach was only recently announced, and more information is expected in the near future. However, FMI’s filing with the Attorney General of Vermont provides some important information on what led up to the breach. According to this source, FMI recently determined that an unauthorized actor was able to access the company’s computer system as a result of a ransomware attack. While FMI provides little background about what led up to the incident, it notes that the unauthorized access occurred on March 11, 2023.

In response, FMI terminated all unauthorized access, notified the FBI, and then launched an investigation into the incident. The FMI investigation confirmed that the unauthorized party accessed and downloaded consumers’ personal information that was stored on the company’s computer system.

After learning that sensitive consumer data was…

Source…

Lawyer says MPS hasn’t contacted hacking victims 5 months later

/in


Thousands of files, including sensitive information, were released online in March after the district didn’t pay a $1 million ransom.

MINNEAPOLIS — Five months after cyber criminals attacked Minneapolis Public Schools, a new, scathing report from the Associated Press says that officials still haven’t informed the victims.

Some of the information, including highly sensitive medical records, like assault complaints, social security numbers and union grievances, were leaked online after the district didn’t pay a $1 million ransom. 

One lawyer now representing some of the victims says his firm is investigating whether the district violated any of its obligations under Minnesota’s Data Practices Act. 

The breach, that the Minneapolis school district said included the release of personal data, wasn’t disclosed until mid-March. Experts call it an aggressive attack that included 300,000 files

“This is not an MPS problem, this is not a Minneapolis problem, this is not a public school problem,” said cybersecurity expert Ian Coldwater. “This happens all over the place to all kinds of places.”

Research shows one in three districts across the country were breached by 2021. What little resources there were then were spent on remote learning and internet connectivity.

Minnesota’s IT specialists confirm it got a $5.5 million boost from lawmakers this legislative session. The state also got another $18 million in federal funds that entities, like school districts, can apply for to upgrade its infrastructure. 

“These families are floored and totally taken by surprise,” said attorney Jeff Storms, who represents some of the victims. 

“They had no idea their children’s sensitive information had been leaked on the internet and from what we’ve seen from the scope of this breach, the district did not take reasonable measures to…

Source…

MOVEit hack claims Calpers and Genworth as millions more victims impacted, ET Telecom

/in


The number of victims of the MOVEit hack grew by several million on Thursday after the biggest U.S. pension fund, Calpers, and insurer Genworth Financial said personal information of their members and customers had been compromised.

Both said a third-party vendor, PBI Research Services, was affected in a data theft hack, providing a path for the hackers to then steal data from Calpers and Genworth. PBI could not be reached for comment.

Calpers said on June 6, 2023, PBI told them of a “vulnerability” in their MOVEit Transfer software that allowed hackers to download “our data” without specifying how many people were impacted. News reports said information from more than 700,000 Calpers members and retirees was taken.

The MOVEit software is widely-used by organisations around the world to share sensitive data.

Genworth Financial was harder hit, saying personal information of nearly 2.5 million to 2.7 million of its customers was breached.

“The personal information of a significant number of insurance policyholders or other customers of its life insurance businesses was unlawfully accessed,” Genworth said.

From U.S. government departments to the UK’s telecom regulator and energy giant Shell, a range of victims have emerged since Burlington, Massachusetts-based Progress Software found the security flaw in its MOVEit Transfer product last month.

The insurer said it is working to ensure “protection services” are provided to the impacted individuals, according to a regulatory filing.

Data taken from Calpers included members’ first and last name, date of birth and social security number. It serves more than 2 million members in its retirement system.

The MOVEit hack has hit several state and federal agencies. Last week, the U.S. Department of Energy got ransom requests from the Russia-linked extortion group Cl0p at both its nuclear waste facility and scientific education facility that were recently hit in a global hacking campaign.

Data was compromised at the two DOE entities after hackers breached their systems through a security flaw in MOVEit Transfer.

The wide-ranging impact of the hack shows how even the most security-minded federal…

Source…

These devices can be a lifesaver for finding your keys. Victims say they also enabled their stalkers

/in


Apple’s Airtags and similar devices like Tile are marketed as a useful tool for people to keep track of their belongings, from house keys to luggage and even your car.

The small, button-shaped devices were popularised by savvy travellers hoping to avoid lost luggage during last year’s flight delays and cancellations.

Pet owners have also reported using the tiny gadgets to keep track of their beloved dog or cat, though Apple has discouraged people from using the device for this purpose.

Airtags work by using Bluetooth wireless signals to report their presence to nearby Apple devices that are connected to the internet.

Once detected, the Airtag can piggyback off iPhones or iPads to alert its owner of its location.

Apple’s Airtags can help people keep tabs on their keys, luggage and even pets. (ABC News: Rebecca Armitage)

At just $49, they are widely seen as cheap and accessible in comparison to other GPS devices on the market.

But just as Airtags have helped to ease people’s minds about their belongings and precious pets, they have also prompted concerns over stalking capabilities.

Survivors and domestic violence awareness groups claim in the wrong hands, the devices can be used to track people against their wishes.

‘The weapon of choice of stalkers and abusers’

Lauren Hughes’ life spiralled after she broke off a three-month relationship with her boyfriend in 2021.

She claims her ex began stalking her online, writing abusive posts on social media and creating fake profiles to try to follow her private accounts, in a class action complaint filed in California.

Two months later, his behaviour escalated to the point where he was calling her from blocked numbers and leaving threatening messages, as well as objects, at her house.

Ms Hughes feared for her safety and moved to a hotel nearby until she could find a new place to live.

She’d hoped to shake off her stalker, but she claims his behaviour did not stop.

After packing up her old apartment, she received a notification on her iPhone that an unknown Airtag was travelling near her at her hotel.

Apple launched Airtags two years ago and they were widely popular during the airport chaos last year. 

“Ms Hughes got the alert … but she didn’t know…

Source…