Tag Archives: data breach response

Kaseya VSA Supply-Chain Ransomware Attack Update 7-9-21 Podcast

Here is the latest on the Kaseya VSA supply-chain ransomware attack, which is interesting because there is now strong interplay between the United States government and companies like Kaseya, given the national security implications of this type of ransomware attack. Please feel free to listen to this podcast with a brief update on the government involvement in the response to this ransomware attack and on the type of directives that the federal government is now giving out through government agencies like the US Cybersecurity and Infrastructure Security Agency (CISA) and the FBI. It was widely reported that the CEO of Kaseya, on first notification of this ransomware attack, contacted the federal government and spoke with national security officials at the White House and in the Department of Homeland Security. Obviously, not every ransomware attack will invoke this high-level government response, but more and more the government is involving itself in the investigation and response to these attacks, which have been heavily linked to entities like REvil, which is alleged to be based in Russia. Pres. Biden today allegedly called Pres. Putin to once again warn him regarding the cybersecurity attacks, and he promised in the media that there would be a response from the United States. For more information on the specific CISA-FBI recommendations in response to the Kaseya VSA supply-chain ransomware attack, see this link to the CISA website: https://us-cert.cisa.gov/ncas/current-activity/2021/07/04/cisa-fbi-guidance-msps-and-their-customers-affected-kaseya-vsa . See the link below for my short podcast with this update.

U.S. Supreme Court Issues Important Opinion in Coinbase v. Bielski: Reverses 9th Circuit on Stay Issue PIT IP Tech Cast

Court Makes Mandatory a Stay of District Court Actions on Interlocutory Appeal from Denial of Motion to Compel Arbitration

The United States Supreme Court, in a somewhat controversial ruling today, has resolved a circuit split by ruling that interlocutory appeals from a federal district court’s denial of a motion to compel arbitration must automatically stay the underlying District Court case. On June 23, 2023, the Supremes in Coinbase, Inc. v. Bielski, No. 22-105 (599 U.S. ____ 2023), held that the district court must stay its proceedings while an interlocutory appeal on the question of arbitrability is ongoing.

BLOCKCHAIN: Is it the Next Big Step in Data Security?

From Law.Com and its Legaltech news, former Microsoft CTO Adrian Clarke (Evident Proof) reports on the technology of Blockchain and its purported major security benefits for the supply ecosystem. “The blockchain is a transaction ledger that is uneditable and virtually unhackable. New information can be written onto the blockchain, but the previous information (stored in what are known as blocks) can’t be adjusted. Every single block (or piece of data) added to the chain is given an encrypted identity. Cryptography effectively connects the contents of each newly added block with each block that came before it. So any change to the contents of a previous block on a chain would invalidate the data in all blocks after it.” Clarke’s report here is perhaps some comfort for an exponentially growing sector of the worldwide economy which relies on supply chain management on a massive scale. See his piece in Law Journal Newsletters at http://tinyurl.com/y7mqfnem

Attorneys Bill Cheng and John Frank Weaver at McLane Middleton, P.A. in New Hampshire posted this piece in the NH Business Review at http://tinyurl.com/yblh6nqp regarding the interaction between Blockchain and Bitcoin and how the GDPR, for example, will struggle to deal with these technologies, given the protections that GDPR attempts to provide to data owners so that they can control their personal information and data. Blockchain, particularly in conjunction with Bitcoin as the currency for a Blockchain-secured transaction, will prove a challenge to the GDPR rules. CTOs, Industrial Engineers and Supply Chain designers have big decisions to make in the years to come regarding security and whether Blockchain is the answer to some data protection issues. Photo courtesy of Law.Com.

Posted by Henry M. Sneath, Esquire, Co-Chair Litigation Practice Group and Chair of the IP Practice Group: Houston Harbaugh, P.C., 401 Liberty Avenue, Pittsburgh, Pa. 15222. Sneath is also an Adjunct Professor of Law teaching two courses: Trade Secret Law and the Law of Trademarks and Unfair Competition at Duquesne University School of Law. Please contact Mr. Sneath at 412-288-4013 or sneathhm@hh-law.com

 

 

From Legal Tech/Law.Com news: A Bug Bounty for Discounts on Cyber Insurance

From our friends at Law.Com: In the growing market for cyber insurance, carriers are trying to compete on price. One carrier, Coalition, is offering discounts if your company creates a partnership with a “white hat hacker” and establishes a bug bounty with that hacker. The hacker gets a bounty for finding vulnerabilities. Legal Tech author Rhys Dipshan details the program in the article at this link: http://tinyurl.com/ydck3nxg

Dipshan reports that “bug bounties” are becoming a popular weapon in combating cyber attacks. “Unsurprisingly,” Dipshan reports, “bounty programs are becoming increasingly common in the tech and corporate world, with companies such as Facebook, Microsoft and Uber offering compensation for vulnerability disclosures. They also have caught on in the federal government as well, with the Department of Defense launching its “Hack the Pentagon” and “Hack the Air Force” programs.” Do you need a cyber bounty hunter?

Posted by Henry M. Sneath, Esq., Houston Harbaugh, P.C. – Pittsburgh, Pa. https://www.hh-law.com Chair of the Intellectual Property Practice Group and Co-Chair Litigation Practice Group. Contact at: sneathhm@hh-law.com or 412-288-4013

DTSA Cases Being Filed: Defend Trade Secrets Act 2016

Posted by: DTSALAW.Com and DefendTradeSecretsAct.Lawyer Henry M. Sneath, Esq. – Chair of the Intellectual Property Practice Group at Pittsburgh, Pa. law firm Houston Harbaugh, P.C.  www.hh-law.com. Mr. Sneath is also an Adjunct Professor of Law at the Duquesne University School of Law teaching Trade Secret Law, Trademark Law and the Law of Unfair Competition. He may be contacted at sneathhm@hh-law.com or 412-288-4013. See Websites www.hh-law.com or www.DTSALaw.com.

The new DTSA federal civil remedy statute is already generating lawsuits being filed in Federal Courts. Two suits were recently filed in the Southern District of Florida with jurisdiction being claimed pursuant to the Defend Trade Secrets Act 2016 (DTSA). One case was also filed in the Northern District of Texas. See links to the cases below. In each Florida case, the plaintiff not only claimed trade secret misappropriation under the DTSA, but also under the Florida UTSA state statute (FUTSA). The Texas case brings claims under DTSA and the TUTSA along with pendent state law claims. This may become the trend as the DTSA and state statutes modeled after the Uniform Trade Secret Act describe trade secrets and misappropriation somewhat differently and provide, in some cases, different remedies. The differences in “definitions” between DTSA and the UTSA are not major, but they may make a difference if either is left out of a complaint filed in federal court.  We will monitor this trend and post in the future on new filings.

Interestingly, while both Florida cases seek injunctive relief in the complaint’s claims for relief, neither docket shows the filing of a separate Motion for TRO, Preliminary Injunction or motion for other injunctive relief. The Dean case brings only trade secret misappropriation claims under the DTSA and the FUTSA state statute. The Bonamar case brings claims under DTSA and FUTSA and a number of pendent State Law claims that you would expect to see in an employment related, non-disclosure, breach of covenants/contract case. In the Texas case, the plaintiff has filed an emergency motion for TRO under both state and federal law and a hearing is set for May 26, 2016. The motion and brief are linked below. Here are links to the cases on our website.

Florida Cases: Bonamar v. Turkin and Supreme Crab; Dean v. City of Miami Beach et al.

Texas Case: UPS v. Thornburg (Complaint) ; UPS v. Thornburg (Emergency Motion for TRO) ; UPS v. Thornburg (Brief in Support of Motion for TRO)


Henry M. Sneath, Esq. 412-288-4013 hsneath@psmn.com

Pittsburgh Court Rules on Data Breach Class Claims – Denying Cause of Action

Posted By Henry M. Sneath, Chair of the Cybersecurity and Data Breach Prevention and Response Team at Pittsburgh, Pa. law firm Picadio Sneath Miller & Norton, P.C.  hsneath@psmn.com or 412-288-4013

A Pittsburgh, Pennsylvania judge has ruled at the trial court level that there is no private cause of action for the alleged failure of a major hospital network to secure and protect PII and PHI. Denying class claims, Judge Wettick has ruled that, because the legislature has not created such a right, only the Pennsylvania Attorney General has the right to bring a claim in this circumstance. See the Legal Intelligencer article here: http://tinyurl.com/nphostc We will get more details on this case and pass them along with our analysis.

Business Leaders Rank Cyber Risk #2 on List of Main Concerns

Posted By Henry M. Sneath, Chair of the Cybersecurity and Data Breach Prevention and Response Team at Pittsburgh, Pa. law firm Picadio Sneath Miller & Norton, P.C.  hsneath@psmn.com or 412-288-4013

Travelers Indemnity and Insurance released its annual Business Risk Index, which is a survey of the concerns of business leaders and decision makers. Not surprisingly, for 2015, Cyber Risk moved up to the number 2 concern on that list, right behind rising healthcare costs. In some industry sectors it is the number 1 concern. The Banking and Financial Services, Professional Services, and Technology sectors each ranked cyber risks as the main driver of sleepless nights. The chart on page 3 of the survey is very instructional as to the different concerns between small, medium and large businesses. Small businesses have less concern about data breach than larger businesses, but perhaps small businesses are overlooking their vulnerability and attractiveness as targets. If they care less, they will likely protect less, and become easy targets for hackers. It should be a huge concern for all businesses in all industries, as no one appears immune. If you store or deal in Personally Identifiable Information (PII) or Personal Health Information (PHI) as part of your business, then you are a valuable target. If you have financial or credit information, or trade secrets to protect, then perhaps your competitors, foreign governments and political hackers want to look inside your data. Many insurers are now offering Cyber Risk Insurance to provide defense and indemnity against these risks. Every business should have a data breach prevention and response team of employees and outside consultants and lawyers to audit the company’s vulnerability and to set the plan for a response when a breach occurs. See the complete Travelers Business Risk Index at: https://www.travelers.com/prepare-prevent/risk-index/business/index.aspx

Target Agrees to Settle Class Claims Over 2013 Data Breach for $10M

Posted By Henry M. Sneath, Chair of the Cybersecurity and Data Breach Prevention and Response Team at Pittsburgh, Pa. law firm Picadio Sneath Miller & Norton, P.C.  hsneath@psmn.com or 412-288-4013

Target Corp. agrees to settle the 2013 data breach class claims prior to argument on class certification. Lead plaintiff’s counsel admitted the uphill battle he faced to obtain class certification due primarily to the difficulty in these consumer data breach cases of proving commonality of claims. This settlement, which still needs court approval for its proposed $10M payout, will not settle claims by commercial entities, but only individual consumer claims. Here is a good article with more detail from the National Law Journal. We will continue to follow this settlement and the handling of the commercial claims as this blog increases our focus on Cybersecurity and Data Breach Prevention and Response issues.

See this link to the NLJ for more info:  http://tinyurl.com/kxwjrb9

 

 

Cybersecurity (CISA) Bill Moves out of Congressional Committee

Posted By Henry M. Sneath, Chair of the Cybersecurity and Data Breach Response team at Pittsburgh, Pa. law firm Picadio Sneath Miller & Norton, P.C. hsneath@psmn.com or 412-288-4013

Privacy concerns continue to dog the CISA (formerly CISPA) bill, but it easily passed out of the Senate Intelligence Committee yesterday. Pundits claim that the bill pits “big government – NSA, Homeland Security et al allegedly aided by Big Tech Companies” against privacy advocates who want less regulation of data and the internet. I’m not sure if it lines up that neatly, however. See this short article with a summary of the committee process from Wired.Com.

Here is an advocacy website piece which supports defeat of the bill.

We will continue to monitor the path of the bill to see if it makes it to the Senate Floor for a vote. For the complete text of the bill, view it at this link.


Henry M. Sneath on Google+ or see his PSMN ® bio.