• Matross Edwards

CyberJudicata Weekly Debrief (1/27–31)

This week's Weekly Debrief covers a variety of issues, including the Wawa data breach, a Maryland judge's ruling on an insurance case regarding IT damages, ransomware targeting ICS and a US government contractor, Clearview AI, and building compliant data privacy systems.

Data Breach

CBS News – Wawa customer data exposed during hack now sold on dark web

  • ​"Customer data exposed during a malware attack against convenience store chain Wawa have appeared on Joker's Stash, a marketplace on the so-called dark web for stolen credit card information."

DataBreachToday – Judge Rules Insurer Must Pay for Ransomware Damage

  • ​"A federal judge has ruled that an insurer providing a 'business owner's insurance policy' to National Ink & Stitch, which sustained a ransomware attack in 2016 and was forced to replace most of its IT infrastructure, must pay for the damages the security incident caused."


Bloomberg – Ransomware Linked to Iran, Targets Industrial Controls

  • "An Israeli cybersecurity firm said it believes a new strain of ransomware was created by Iran and has the ability to lock up or even delete industrial control systems."

InfoSecurity Magazine – US Defense Contractor Hit by Ryuk Ransomware

  • ​"A US government technology contractor has become the latest major target taken down by a ransomware attack. Electronic Warfare Associates (EWA) counts the Department of Defense, Department of Justice and Department of Homeland Security among its clients. It describes itself as a veteran-owned business with a track record dating back over four decades."

Krebs – Iowa Prosecutors Drop Charges Against Men Hired to Test Their Security

  • ​"Gary DeMercurio, 43 of Seattle, and Justin Wynn, 29 of Naples, Fla., are both professional penetration testers employed by Coalfire Labs, a security firm based in Westminster, Colo. Iowa’s State Court Administration had hired the company to test the security of its judicial buildings."


EFF – Clearview’s Face Surveillance Shows Why We Need a Strong Federal Consumer Privacy Law

  • ​"The New York Times’ recent story on Clearview AI, maker of a secretive facial recognition app that markets its product to law enforcement, has raised critical questions about what can be done to protect our privacy online. Clearview claims to have amassed a dataset of over three billion face images by scraping websites like Facebook, YouTube, and Venmo."

Law.com – Data Privacy: Building Compliant and Adaptable Systems

  • "The landscape of data privacy law has changed significantly over the last five years. With the General Data Protection Regulation (GDPR) going into effect in the EU in May 2018, data privacy compliance obligations forever changed for companies around the globe. For the first time, companies had to recognize new rights for consumers regarding their personal and sensitive data or face serious penalties."

. . .

#cyberjudicata #weeklydebrief

Recent Posts

See All

Weekly Debrief (6/21–25)

This week's Weekly Debrief covers the CMMC, defense contractor vulnerabilities and supply chain logistics, FAA legislation, possible IRS spending boost, and a GMU study regarding financial dynamics of

Weekly Debrief (6/14–18)

This week's Weekly Debrief covers the Juneteenth federal holiday, federal data strategy, GSA STARS III awards, Army modernization, and "BRAC for VA." White House GovExec – Most Federal Employees Will

Weekly Debrief (6/7–11)

This week's Weekly Debrief covers the Biden administration's spending plans, Defense software issues, CMMC costs, joint DoD/VA medical center, Space Force digital workforce, and DoD wants funding for