Stay up-to-date on what is happening with privacy laws, as well as stories about leaks of private information from security breaches in the public and private sector. Ironwall by Incogni has provided emergency services to individuals, businesses, police organizations and courts in the wake of hacking incidents and ransomware attacks.
Last updated: December 4, 2024
To Our Friends in the Media
If you are a member of the media and would like more information about any of these stories, or input from our CEO on privacy laws, the danger of privacy hacks, or how online privacy protection works, please contact us at [email protected].
Phishing and Ransomware Attacks
Starbucks, Grocery Stores Hit by Blue Yonder Ransomware Attack
Blue Yonder provides an end-to-end supply chain platform and claims to have over 3,000 customers across 76 countries, including retailers, manufacturers and logistics services providers. Several high-profile customers have confirmed being impacted by the service disruptions at Blue Yonder. One of them is Starbucks, which said the incident impacted its ability to pay baristas and manage employee schedules.
Hoboken, N.J. hit with ransomware cyberattack, officials say
The City of Hoboken was targeted in a ransomware attack Wednesday morning, officials said. The cyber attack forced the closure of City Hall, and shut down online city services.
Corrupted Microsoft Word files used to launch phishing attacks
Cybercriminals have found a new and creative way to sneak phishing emails past your online defenses and into your inbox, experts have warned. A new report from cybersecurity researchers Any.Run observed crooks distributing corrupted Microsoft Word files in their campaigns. Most phishing emails come with an attachment. That file can either be malware itself, or can contain a link to a malicious website, or download.
PIH Health suffers a ransomware attack
PIH Health reported they were hit by a ransomware attack on Sunday, interrupting phone and internet service. They say no patients are in danger, and all operations are in place, just slow administratively due to the network interruption.
Your Netflix account is not suspended – how to avoid the latest SMS scam
If you’ve recently received an SMS about your Netflix account being suspended, chances are it’s a scam. Fraudsters are targeting phone numbers in 23 countries with a new text message campaign, trying to swindle Netflix users out of their account credentials and payment information.
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Great Plains Regional Medical Center in Oklahoma is notifying over 133,000 individuals that their personal information was compromised in a ransomware attack.
Cyber insurance demand surges as ransomware targets businesses of all sizes
As more companies begin to understand their exposure, Ritchie sees an increasing uptake in cyber insurance policies. However, the process of convincing businesses to invest in cyber coverage often involves educating them on the specific vulnerabilities they face. One effective method is to present potential clients with a detailed analysis of their risk profile.
Aspen Healthcare Services Announces Data Breach Following Ransomware Attack
On November 18, 2024, Aspen Healthcare Services (“Aspen Healthcare”) filed a notice of data breach with the Attorney General of Texas after discovering that the company was targeted in a ransomware attack. In this notice, Aspen Healthcare explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, dates of birth, addresses, insurance IDs, health records, and Social Security numbers.
Phishing scheme led to $2.2 million taken from Grand Forks Public Schools
The business manager of Grand Forks Public Schools said Monday the $2.2 million swindled from the district earlier this year was taken in a phishing scheme. In a phishing attack, attackers deceive employees into revealing sensitive information or installing ransomware or malware.
Columbus, Ohio Notifies 500,000 of Data Breach from Ransomware Attack
According to Security Week, the ransomware group posted the city’s data on the dark web, including individuals’ names, addresses, dates of birth, bank account information, driver’s license information, Social Security numbers, and other identifying information. Columbus reported to the Maine Attorney General that it is notifying 500,000 individuals that their personal information was affected by the incident, and is offering those who are affected 24 months of credit monitoring and dark web monitoring.
Houston Housing Authority Grapples with Dual Crises, Ransomware Attack Amid Alleged Fiscal Misconduct Scandal
The Houston Housing Authority (HHA) finds itself ensnared in a digital chokehold, a ransomware attack has breached its network. The cyber intrusion occurred over a month ago, on September 22. Yet, amid inquiries, the full scope of compromised accounts remains undisclosed by HHA, as KPRC 2 Investigates reported.
Threats Against Judges
Cook County judge removed from domestic violence cases due to threats against him
A Cook County domestic violence judge, already under fire for releasing a man who later allegedly killed his wife, has now been removed from cases involving domestic violence due to threats directed at him. The Office of Cook County Chief Judge Timothy Evans said Tuesday evening that Judge Thomas Nowinski "is not currently hearing cases involving domestic violence or orders of protection" due to "anonymous threats" against him.
Texas woman pleads guilty to threatening judge in Trump's election case
A Texas woman pleaded guilty on Wednesday after being charged with threatening to kill individuals including the federal judge overseeing the 2020 election subversion criminal case against Republican President-elect Donald Trump.
Man who threatened Chester County judge and attorneys won’t represent self at upcoming trial
A Luzerne County man who allegedly threatened to harm a Chester County Common Pleas Court judge, a county prosecutor, and his own attorney in anger over the pace of criminal charges he faces in connection with accusations he physically assaulted and stalked a former girlfriend has decided to abandon plans to represent himself at his upcoming trial.
Privacy Laws
Nebraska’s Consumer Privacy Law Takes Effect Soon and Targets Businesses Selling Personal Data
Nebraska Governor Jim Pillen (R) signed the Nebraska Data Privacy Act (or NEDPA) into law in April. NEDPA becomes effective on January 1, 2025 – the same day as similar laws going live in Delaware, Iowa, and New Hampshire. This relatively short period between signature and effective date left little time for impacted companies to prepare; however, Nebraska’s approach to applicability criteria has cast a specifically tailored net focused on businesses selling personal data of Nebraska residents.
State privacy laws aren't protecting personal financial data, CFPB says
New state privacy laws don't do enough to protect personal information used by financial businesses, a federal regulator says. Eighteen states, including California and Texas, passed privacy laws between Jan. 2018 and July 2024, but all the laws have exemptions for financial companies or data tied to federal legislation, the Consumer Financial Protection Bureau said Tuesday in a report.
What a new Trump mandate could mean for American data privacy rights
Former President Donald Trump will return to the White House for a second term with issues such as Ukraine, the Middle East and immigration highest on his agenda – but what will the US President elect's new mandate mean for data protection and online privacy for the American people?
Navigating California’s Evolving Privacy Landscape: Key Updates from the November 8th CPPA Board Meeting on Rulemaking and What It Means for You
On Friday, the California Privacy Protection Agency’s Board convened to tackle some critical privacy issues, including the creation of a new state-managed platform where consumers can submit opt-out requests to data brokers. In a surprising turn of events, the Executive Director, Ashkan Sultani, announced his resignation, though the reasons behind his departure were not clear from what was shared during the meeting. The Board also covered a series of major rulemaking initiatives focused on automated decision-making technologies and data brokers.