Security News

"There doesn't seem to be any mitigation of the growing trend of online crime. The first line of defense from online fraud is not a technology solution or even law enforcement; it's user awareness. From a policy perspective, governments and other institutions should get the word out more so that individuals and organizations are more sensitive to online threats." The most popular internet crimes tracked by the FBI were extortion, government impersonation, and business email compromise, which cost victims $1.8 billion in 2019.

For businesses preparing to comply with California's new data privacy law, the first challenge is figuring out how much data is covered by the law. Christine Lyon, a partner at Morrison & Foerster and a member of the firm's global privacy and data security group, said that the CCPA establishes a new right that US consumers have never had. She also said that the data protected by the CCPA includes much more than just email address and name.

The California Consumer Privacy Act is a lesson in missed opportunities. In September 2017, Alastair Mactaggart and Mary Ross proposed a statewide ballot initiative entitled the "California Consumer Privacy Act." Ballot initiatives are a process under California law in which private citizens can propose legislation directly to voters, and pursuant to which such legislation can be enacted through voter approval without any action by the state legislature or the governor.

The small group of policy wonks that forced California's legislature to rush through privacy legislation two years ago are back - and this time they want a ballot. The big question now is whether history repeats itself and the threat of a ballot initiative passing is sufficient for lawmakers to promise additions to the existing law in return to take the ballot off the table.

Israeli spyware maker NSO Group has rubbished Facebook's claim it can be sued in California because it allegedly uses American IT services and has a business presence in the US. Last October, Facebook and its WhatsApp subsidiary sued the software developer and its affiliate Q Cyber Technologies in California, claiming that the firms made, distributed, and operated surveillance software known as Pegasus that remotely infects, hijacks, and extracts data from the smartphones of WhatsApp users. WhatsApp security manager Claudiu Gheorghe in a previous filing identified 720 malicious attacks on WhatsApp from the IP address 104.223.76.220, a server in California provided by QuadraNet and allegedly run by NSO. QuadraNet did not immediately respond to The Register's request to clarify the account holder for that IP address.

A new report compiling information from PrivacyRights.org on data breaches in the United States found that California has had the highest number of documents lost during attacks since 2005. Using data on the total number of records lost per breach from 2005 to 2019, email marketing company Omnisend compiled a study ranking US states and companies.

On March 17, 2020, the federal government relaxed a number of telehealth-related regulatory requirements due to COVID-19. On April 3, 2020, California Governor Gavin Newsom issued Executive Order N-43-20, which relaxes various telehealth reporting requirements, penalties, and enforcements otherwise imposed under state laws, including those associated with unauthorized access and disclosure of personal information through telehealth mediums.

A California man has been sentenced to more than seven years in prison for hacking an Atlanta-based company and trying to extort money in exchange for the return of the company's intellectual property. Kight accessed computer networks and servers of multiple companies and organizations in Georgia without authorization, prosecutors said.

The deadly novel coronavirus has reached California's tech sector with the news that an engineer who attended the RSA Conference in San Francisco last month has now tested positive for COVID-19 - and is in a serious condition. The RSA Conference is significant with roughly 40,000 attendees.

A 21-year-old California man has pleaded guilty to repeatedly hacking gaming company Nintendo over three years to access servers and steal confidential data, including details on hardware, games and developer tools, according to the U.S. Justice Department. In 2017, FBI agents confronted Hernandez at his parents' home, and he agreed to stop hacking Nintendo in exchange for federal authorities not pressing charges, according to court documents.