Cybersecurity-Related Actions

Whistleblower Lawsuit: In a somewhat related story, the DOJ has joined a whistleblower lawsuit against Georgia Tech for cybersecurity fraud on defense contracts. The four allegations by two senior former members of the research team are that the university’s Research Corp include failure to set up and follow a security plan and falsification of security reports.

T-Mobile has been fined $60 million for allowing unauthorized access and failing to report it to the Committee on Foreign Investment in the US (CFIUS) on a timely basis, hampering any investigation efforts.

HHS is appealing a lawsuit ruling that it exceeded its authority when it issued a bulletin about the application of HIPAA to cookies and other tracking tools that people encounter prior to logging in on the webpages of organizations that are subject to HIPAA. To be continued….

Other Cybersecurity Headlines:

• NSA Issues Joint Guidance with Allies on Event Logging: Hackers are now using tools within victims’ networks to do their dirty work. This makes them harder to detect.

• Iranian Government Hackers Acting as Initial Access Brokers for Ransomware Gangs:

• Hackers Claim to Have Stolen Sensitive Data from U.S. Marshals Service: This is after a ransomware attack that disabled the USMS website for 10 weeks.

• A separate report says that the second quarter of 2024 saw 1248 victims of ransomware attacks!