Stay up-to-date on what is happening with privacy laws, as well as stories about leaks of private information from security breaches in the public and private sector. 360Civic has provided emergency services to individuals, businesses, police organizations and courts in the wake of hacking incidents and ransomware attacks.
Last updated: May 7, 2024
To Our Friends in the Media
If you are a member of the media and would like more information about any of these stories, or input from our CEO on privacy laws, the danger of privacy hacks, or how online privacy protection works, please contact us at press@360civic.com.
Phishing and Ransomware Attacks
Ransomware Attack Hits City of Wichita
A ransomware attack has forced the city government of Wichita, Kansas, to pull some services offline as it tries to contain the infection. A key concern is whether the hackers stole sensitive data from Wichita, a city home to 400,000 people. Ransomware groups often loot such information and threaten to sell or leak it in order to pressure victims to give into their demands.
91% of ransomware victims paid at least one ransom in the past year, survey finds
More than half of organizations globally (58%) have experienced six or more ransomware attack attempts in the past year, and 91% of victims paid at least one ransom, according to a survey by ExtraHop, a network detection and response security vendor.
The average payment was almost $2.5 million, according to the sixth iteration of the annual survey. Some 41.6% paid between $500,000 and $1 million, while 23.4% paid $100,000 to $500,000.
1 in 5 US Ransomware Attacks Triggers Lawsuit
Nearly one in five (18%) ransomware incidents in the US led to a lawsuit in 2023, with 123 filed so far, according to new figures from Comparitech. The number for lawsuits for 2023 is likely to increase, with many data breach notifications still being issued for incidents last year. The analysis showed a growth in the number of lawsuits filed following ransomware attacks in the period from 2018-2023. Across just over 3000 confirmed ransomware incidents over the five years, 355 lawsuits were filed, a rate of 12%.
LA County Health Services: Patients' data exposed in phishing attack
The Los Angeles County Department of Health Services disclosed a data breach after thousands of patients' personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees.
Kansas District to Mandate Cybersecurity Training After Phishing Attack
A school district in Manhattan, Kan., wants all employees to take cybersecurity training after several of them clicked on a phishing email, and fewer than 10 percent reported it as phishing.
Omni Hotels says customers' personal data stolen in ransomware attack
Hotel chain giant Omni Hotels & Resorts has confirmed cybercriminals stole the personal information of its customers in an apparent ransomware attack last month.
Change Healthcare’s ransomware attack costs edge toward $1B so far
UnitedHealth, parent company of ransomware-besieged Change Healthcare, says the total costs of tending to the February cyberattack for the first calendar quarter of 2024 currently stands at $872 million. That's on top of the amount in advance funding and interest-free loans UnitedHealth provided to support care providers reeling from the disruption, a sum said to be north of $6 billion.
Hackers post Tarrant County property owners’ data from ransomware attack on dark web
Medusa, the hacking group responsible for the ransomware attack on the Tarrant Appraisal District, has published data on the dark web it obtained from the attack, TAD said Tuesday. Content on the dark web is not accessible by search engines and requires a special browser. The 300 individuals whose information has been compromised have been notified via mail.
Why cybersecurity investigators fear ransomware hacks may get worse
In the past year -- hospitals, pharmacies, tech companies, Las Vegas' biggest hotels and casinos have been paralyzed by "ransomware" attacks, in which hackers break into a corporate network, encrypt, or lock up critical files and hold them hostage until a ransom is paid. It's a crime that has been growing more costly and disruptive every year. Now cybersecurity researchers fear it's about to get worse, with the emergence of an audacious group of young criminal hackers from the U.S., U.K. and Canada the FBI calls Scattered Spider. More troubling, they have teamed up with Russia's most notorious ransomware gang.
Threats Against Judges
Judicial Security Resources Stretched Amid Rising Threats
Budget cuts to the agency tasked with protecting federal judges and courthouses are straining resources amid a rise in threats against the judiciary and the additional responsibilities of providing 24/7 protection to Supreme Court justices.
Upper Southampton man charged with harassing, threatening Bucks County judges
A 62-year-old Upper Southampton man is facing felony charges for allegedly threatening and harassing a Bucks County magisterial judge and then showing up at the front door of a Common Pleas Court judge seeking help with a lawsuit.
Man convicted in Keystone Heights double killing charged with threatening judge, prosecutor
Taylor Ryan Hill, 26, sent a letter Feb. 12 saying he “would have Assistant State Attorney ‘A.T.,’ the state of Florida judge who sentenced the defendant to prison, and their loved ones killed,” said an indictment filed last week in Jacksonville’s federal court.
Tougher penalties in effect for threats against election workers in Maryland
When election judges report for duty on May 14, a new law that penalizes anyone who issues threats against them will be in effect. Maryland Gov. Wes Moore has signed into law a bill that raises the penalty from one to three years in prison for anyone who issues a threat against an election judge. The increased penalties apply if the family of an election worker is targeted, as well. Jared DeMarinis, Maryland state administrator of elections, told WTOP incidences of harassment and threats directed at election judges and election workers have increased nationally.
American Bar Association warns of increasing threats to US judges
The American Bar Association published a statement on Monday expressing alarm over the increasing threats against judges in the US. The statement cited that serious threats against judges have doubled since 2019, with 457 incidents reported in 2023. These threats often involve threats to physical safety and harm and can have a profoundly negative effect on a judge’s well-being.
Privacy Laws
The American Privacy Rights Act of 2024: A New Framework for Data Privacy
A “discussion draft” of the American Privacy Rights Act of 2024 (APRA) aims to establish a comprehensive national framework for consumer data privacy and security, introducing requirements for covered entities on data handling and consumer rights. The bipartisan bill is being driven by Senate Commerce Committee Chair Maria Cantwell and House Energy and Commerce Chair Cathy McMorris Rodgers.
Nebraska Legislature Passes Consumer Data Privacy Bill
On April 11, 2024, the Nebraska legislature passed the Nebraska Data Privacy Act (LB 1074). It now heads to Nebraska Governor Jim Pillen. Assuming the bill becomes law, Nebraska will become either the sixteenth or seventeenth state to enact consumer data privacy legislation, depending on whether Maryland’s bill, which passed the Maryland legislature last Saturday, is enacted first.
Kentucky’s New Consumer Privacy Law: Is the Privacy Grass Greener in the Bluegrass State?
With the Kentucky governor recently signing into law that state’s privacy law the US now has 16 states with “comprehensive” privacy laws. This newest one will go into effect on January 1, 2026 – the same day as Indiana. It closely resembles other state privacy laws, in particular, Virginia’s privacy law.
Maryland Passes 2 Major Privacy Bills, Despite Tech Industry Pushback
The Maryland legislature this weekend passed two sweeping privacy bills that aim to restrict how powerful tech platforms can harvest and use the personal data of consumers and young people — despite strong objections from industry trade groups representing giants like Amazon, Google and Meta. One bill, the Maryland Online Data Privacy Act, would impose wide-ranging restrictions on how companies may collect and use the personal data of consumers in the state. The other, the Maryland Kids Code, would prohibit certain social media, video game and other online platforms from tracking people under 18 and from using manipulative techniques — like auto-playing videos or bombarding children with notifications — to keep young people glued online.
Can Florida's new digital data law tame the 'Wild West' of online privacy?
Floridians may have new privacy options this summer if you use Amazon, Facebook or Google, thanks to a new digital privacy law that goes into effect July 1. Big tech companies have had a year to prepare for the new law, which expands what’s considered personal data to include your voice, fingerprints and face. Supporters say it allows users more control over their data and how large Internet companies that make money from advertising use it.