digital identity IGA driver's license identity verification

Identity Crisis: Supreme Court Rules on ‘Identity Theft’ Penalty Enhancement

The Supreme Court attempted to define what it means to “use” without lawful authority “a means of identification” of another person ... Read More
Security Boulevard
netflix, password,

Netflix: Is Password-Sharing a Crime?

On May 25, 2023 streaming content provider Netflix began enforcing its policy prohibiting the sharing of Netflix accounts even among family members who are not members of the same “household”—meaning living together in the same house. It was always Netflix’s policy to prohibit such account and password sharing—it’s just that ... Read More
Security Boulevard
ransomware SaaS Security

A New Ransomware Scam: Fraud by the Incident Responders

In February 2018, Oxford Biomedica, a large biological research company in Oxford, UK, was hit by a ransomware attack. The hackers were demanding more than £300,000 in ransom. Oxford invoked its incident response plan and called in its team. One member of Oxford’s internal incident response team, Ashley Liles, had ... Read More
Security Boulevard
internet, security, cloud internet, vulnerabilites, organizations, DNSSEC, GoDaddy cloud network, security

Are Internet Providers ‘Aiding and Abetting’ Crimes?

The internet was on tenterhooks over the question of whether the U.S. Supreme Court would find that online providers like Google, Facebook and others could continue to enjoy protection under the Communications Decency Act Section 230 for the statements and actions of users of their site. In particular, the Supreme ... Read More
Security Boulevard
ransom health care cyberinsurance pharmaceuticals Securing Healthcare Finance IoT

Failure to Pay Ransom: Negligence?

Lehigh Valley Health Network is a health care network based in Allentown, Pennsylvania that serves the eastern and northeastern part of the state. On February 6, 2023, LVHN was hit with a combination ransomware/extortionware attack. Attackers from the hacker group ALPHV (aka BlackCat) obtained sensitive medical photographs of LVHN patients ... Read More
Security Boulevard
border device CBP Loses Photos

Federal Appellate Court Approves ‘Pretext’ Border Search

For almost nine years, Chinese national and U.S. resident Haitao Xiang had been employed by the Monsanto company in St. Louis, Missouri, as a research application engineer specializing in hyperspectral imaging technology. As with most jobs of this type, Xiang had signed a non-disclosure and confidentiality agreement with his employer, ... Read More
Security Boulevard
Journey geolocation Ask Chloé Infosec Roger Clark of Silk Road

Federal Court Dismisses FTC Location Privacy Lawsuit

Geolocation data is among the most sensitive personal data. Marketers can use this data to determine what you are likely to buy, how much you are likely to spend and where you are likely to shop. The Federal Trade Commission (FTC) sued an online geolocation data broker for unfairly selling ... Read More
Security Boulevard
cyberattack russian, threat, shields up Klyushin Nobelium cyber Twitter election Russians

War, Hunh. Yeah. What is it Good For? Reducing Insurer Liability for Cyberattacks

A New Jersey court recently ruled that an insurer was not relieved from its obligation to pay for Merck’s losses after a Russian NotPetya cyberattack. The insurer claimed its ‘Act of War’ exclusion applied to the company’s cyberinsurance policy; the court disagreed. The rise of cyberattacks has led to a ... Read More
Security Boulevard
Uber CISO FTC location CISA Cybersecurity Fraud Case Under Federal False Claims Act

A CISO Employment Contract May Mean the Difference Between Success and Jail

On May 4, 2023, U.S. District Judge William Orrick sentenced former Uber CISO and former DOJ cybercrime prosecutor Joe Sullivan to three years of probation and 200 hours of community service for his role in concealing a massive data breach at Uber from the public and from the FTC. While ... Read More
Security Boulevard
Uber CISO FTC location CISA Cybersecurity Fraud Case Under Federal False Claims Act

Prosecutors Argue for 15 Months in Jail for Uber CISO

In a sentencing memorandum filed with a San Francisco federal court on April 27, 2023, prosecutors argued that Joe Sullivan—the former CISO of Uber and a former federal computer crimes prosecutor himself (with the same office)—should serve 15 months in federal prison for his role in the ride-sharing company’s concealment ... Read More
Security Boulevard