Security News

Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider that covers 45 million people across 15 states and is part of the Delta Dental Plans Association.

The Californian City of Long Beach is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. Long Beach is the home to approximately 460,000 people and is the seventh most populous city in California. Yesterday, the City of Long Beach warned that it suffered a cyberattack on November 14th and engaged a cybersecurity firm to investigate the incident and notified the FBI. The City says that once it detected the attack, it began to take systems offline immediately, which is done to prevent the spread of the attack to other devices.

The California State Legislature passed Senate Bill 362, known as the Delete Act, to simplify the process for consumers to ask to remove their personal data gathered by data brokers. In this Help Net Security video, Dr. Chris Pierson, CEO of BlackCloak, discusses why this bill matters to CISOs.

Infosec in brief Californians may be on their way to the nation's first "Do not broker" list with the passage of a bill that would create a one-stop service for residents of the Golden State who want to opt out of being tracked by data brokers. If signed, the bill will require the California Privacy Protection Agency to set up a website by 2026 where residents could go to, listing every single data broker registered in the state of California, to delete whatever data they had on the individual - and to keep deleting anything new they acquired every 45 days.

Half a percent of last quarter's net income? That'll teach 'em Google has been hit with another lawsuit alleging it deceived users about its collection, storage, and use of their location data,...

California's Attorney General announced today that Google will pay $93 million to settle a privacy lawsuit alleging it violated the U.S. state's consumer protection laws. An investigation by the California Department of Justice found that Google had engaged in deceptive practices related to collecting, retaining, and utilizing Android users' location data for purposes such as consumer profiling and advertising, all without obtaining their proper informed consent.

Google has agreed to pay $93 million to settle a lawsuit filed by the U.S. state of California over allegations that the company's location-privacy practices misled consumers and violated consumer protection laws. "Our investigation revealed that Google was telling its users one thing - that it would no longer track their location once they opted out - but doing the opposite and continuing to track its users' movements for its own commercial gain," California Attorney General Rob Bonta said.

Multiple medical groups in the Heritage Provider Network in California have suffered a ransomware attack, exposing sensitive patient information to cybercriminals. The entities collectively issued a notice of data breach at the start of the month and shared a sample letter with the California Attorney General's office earlier this week.

Early in his career, Kevin Mitnick successfully hacked California law. The setup is that he just discovered that there's warrant for his arrest by the California Youth Authority, and he's trying to figure out if there's any way out of it.

LockBit claims it was behind a cyber-attack on the California Department of Finance, bragging it stole data during the intrusion. The notorious ransomware gang boasted it exfiltrated 76GB from the state agency, which apparently included databases, confidential information, financial and IT documents, and, oddly enough, "Sexual proceedings in court." LockBit has promised to publish "All available data" on December 24, presumably unless the California state government pays a ransom, although no information has been released about any monetary demand.