More February Cyber News…

The FTC has entered an order against Marriott Corporation and its Starwood subsidiary following a complaint that the company deceived consumers and failed to have reasonable data security in place. It is unknown how may customers may have been affected by the companies’ lack of data security. 

• A U.S. Army soldier in Texas has been arrested on suspicion of being involved in data theft from the “Snowflake” data platform. A Canadian citizen has also been arrested in connection with this theft. 

• NSO Group, an Israeli counterintelligence firm, has been held liable for planting spyware on the phones of approximately 1400 WhatsApp users. They are facing charges in both federal and California jurisdictions. 

• Mobilewalla, a “consumer intelligence platform,” has been banned from collecting and selling sensitive location data. The site allegedly collected sensitive data from various bids and failed to delete the data even when they did not win the bids. Sensitive customer data was procured and resold. The settlement with the FTC prohibits collection, retention and sale of data from a wide variety of public-facing organizations. 

• Two successful ransomware attacks have taken place, one in Rhode Island that affects residents’ data; and another with a much broader scope, conducted by the hacking group “Clop,” which hacked 3 different file transfer software programs. The impact is yet to be determined.