Learning & Resource Center

As a result of an investigation by the New York Attorney General’s Office, the law firm is required to pay $200K and implement enhanced data security measures. The office of New York Attorney General Letitia James announced a $200,000 settlement with law firm Heidell, Pittoni, Murphy, & Bach LLP (HPMB) for failing to implement proper healthcare data security measures. The law firm represents a variety of New York City area hospitals and maintains protected health information (PHI). HPMB’s...

The Cybersecurity and Infrastructure Security Agency (CISA) has published two fact sheets designed to highlight threats against accounts and systems using certain forms of multi-factor authentication (MFA). “CISA strongly urges all organizations to implement phishing-resistant MFA to protect against phishing and other known cyber-threats,” the Agency wrote, commenting on the news. The first of the two documents describes multiple methods threat actors have used to gain access to MFA...

Keeping information safe and secure is challenging developments for businesses of all sizes over the last few years. Expeditious shifts from in-person to online to hybrid workplaces forced companies to change, or at least reexamine, their cybersecurity practices and protocols, and far too often they weren’t prepared. In fact, according to CyberEdge’s Cyberthreat Defense Report, 85% of organizations suffered from a successful cyberattack in 2021.   Now, businesses who have suffered cyberattacks...

Tech executives consider business email compromise (BEC), ransomware and attacks on cloud management interfaces as the threats most likely to increase from this year to the next, and singled out mobile, email and cloud as the main attack vectors for 2023, according to PwC.   The consulting giant polled 3522 business, tech and security execs to compile its 2023 Global Digital Trust Insights report. Over half hailed from companies with over $1bn in revenue, and 16% from firms with $10bn or...

The Internal Revenue Service (IRS) has warned US taxpayers of an “exponential” increase in text-based phishing attempts and urged users to report campaigns to help the government disrupt them. In a news alert yesterday, the tax agency said it had identified thousands of fake domains so far in 2022, which are used to facilitate the so-called “smishing” scams. These are designed to steal victims’ personal and financial information. Spoofed to appear as if sent from the IRS, these text messages...

California Governor Gavin Newsom has signed The California Age-Appropriate Design Code Act into law. The new legislation, signed by Newsom on September 15, 2022 and passed by the state congress in late August, will implement some of the strictest privacy requirements for children in the US, especially in relation to social media. The law restricts apps' ability to collect data on anyone 18 or younger and requires them to implement their 'highest privacy standards' for children and teenagers. ...