The world's largest cryptocurrency trading platform is bankrolling a lawsuit challenging the U.S. Department of the Treasury's sanctions against Tornado Cash. The cryptocurrency mixer is a favored tool of North Korean crypto thieves, who use it to launder stolen funds.
California legislators passed a bill banning companies headquartered in the state that provide "electronic communications services" from providing records, information or other assistance to law enforcement in other states related to investigations of reproductive services, such as abortion.
Applying international laws used for armed conflicts to the cyber domain remains elusive because of a lack of precedent and poor visibility in cyberspace. This uncertainty and a failure to establish rules means cyber law hasn't grown as other legal fields have, a defense expert says.
The U.S. Federal Trade Commission filed a lawsuit against Idaho-based data broker Kochava Inc., alleging the company collects and sells sensitive geolocation data, including information about visits to reproductive health clinics. Kochava's actions are an unfair marketplace practice, the FTC says.
As ransomware continues to pummel organizations left, right and center, two states have responded by banning certain types of ransom payments, and more look set to soon follow suit. But experts warn such bans could have "terrible consequences," leading to costlier and more complicated recovery.
Dutch police have arrested a man accused of working as a developer for Tornado Cash. "He is suspected of involvement in concealing criminal financial flows and facilitating money laundering through the mixing of cryptocurrencies via the decentralized Ethereum mixing service," Dutch authorities say.
In the latest weekly update, four ISMG editors discuss the breach of customer engagement platform Twilio, a cyberattack on the U.K.'s NHS that has reignited concerns about supply chain security in the healthcare sector, and the U.S. Treasury clamping down on shady cryptocurrency mixers.
A high-ranking employee at Bitcoin Mercantile Exchange, or BitMEX, has pleaded guilty to violating the Bank Secrecy Act, which requires financial institutions to help prevent money laundering. The plea by Gregory Dwyer follows BitMEX's three founders all pleading guilty to the same charge.
The government of India withdrew a long-anticipated personal data protection bill from Parliament. The government of Prime Minister Narendra Modi vowed to instead introduce a comprehensive framework of global standard laws including digital privacy laws
A $3 million settlement is headed for final court approval in a class action lawsuit involving a 2020 cyberattack against a vendor that provides support services to hundreds of dental practices in 21 states. The incident affected more than 1.2 million of the practices' patients and employees.
The Australian Federal Police have charged a 24-year-old Melbourne man for allegedly creating global spyware purchased by over 14,500 individuals across 128 countries. Priced at $25, once it is installed on a victim's computer, it can be used to steal personal information or spy on individuals.
The chairman of the U.S. House Intelligence Committee vowed more action against makers of advance spyware such as Israel's NSO Group while witnesses pressed the panel to commit the intelligence community's resources to disrupting spyware companies.
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
The Identity Theft Resource Center's data breach report for the first half of 2022 says approximately 40% of data breach notices do not list the root cause of the compromise. "Unknown" is the top cause of data breaches for the first time since the ITRC began tracking their causes.
Ransomware attacks and data breaches: One thing both have in common is the challenge of attempting to accurately understand their true scale and impact. Too often, data breach notifications lack useful details, while ransomware attacks and ransom payments go unreported.