Cyber Security

Security Breaches And Data Dumps

By | Cyber Security, Data Breach

A cybersecurity researcher has revealed in his blog a data breach made up of many different individual data breaches from thousands of different sources that consists of a set of email addresses and passwords totaling 2,692,818,238 rows, which he has designated as “Collection #1,” containing 772,904,991 unique email addresses along with 21,222,975 unique passwords.

The cybersecurity blogger cited a large collection of files on the popular cloud service, MEGA, which totaled over 12,000 separate files and more than 87GB of data.


The Collection #1 data reportedly was first posted to underground forums in October 2018 and is just a subset of a much larger tranche of passwords being sold online for $45.00 by a seller who self-identifies as “Sanixer.” Sanixer reportedly admits that Collection #1 was at least 2 to 3 years old and is a mix of “dumps and leaked bases.” However, he allegedly offers for sale other “password packages” that total more than 4 terabytes in size and are less than one year old.

A cybersecurity expert states that a core reason so many accounts get compromised is that far too many people choose poor passwords, re-use passwords and email addresses across multiple sites, and are not taking advantage of multi-factor authentication options when they are available. The cybersecurity expert recommends instead of thinking about passwords, consider using unique, lengthy passphrases — collections of words in an order you can remember — when a site allows it. In general, a long, unique passphrase takes far more effort to crack than a short, complex one.

The cybersecurity expert suggests that if you are the type of person who likes to re-use passwords, then you definitely need to be using a password manager, which helps you pick and remember strong and unique passwords/passphrases and essentially lets you use the same strong master password/passphrase across all Web sites.

The cybersecurity expert further suggests that you go to and to see if you are taking full advantage of multi-factor authentication at sites you trust with your data. Multi-factor authentication helps because even if hackers manage to guess or steal your password just because they hacked some Web site, that password will be useless to them unless they can also compromise that second factor — be it your mobile device or security key.


If your business suffered financial or other significant harm due to a cybersecurity breach in  the United States, email us at or telephone us toll-free in the United States at 800-756-2143 to discuss whether your cyber security breach matter may be appropriate to be handled on a contingency basis. – The Practical Solution For Business Litigation

Massachusetts Strengthens Its Data Breach Law By Adding Amendments

By | Cyber Security, Data Breach

Massachusetts Governor Charlie Baker signed a new law on January 10, 2019  that significantly amends and strengthens Massachusetts’ data breach notification law when it becomes effective on April 11, 2019.

A new requirement requires an offer of complimentary credit monitoring for a period of not less than 18 months when the data security breach involves a Massachusetts resident’s Social Security number. The new law requires that a person who experienced a breach of security that involves a resident’s Social Security number to “file a report with the attorney general and the director of consumer affairs and business regulation certifying their credit monitoring services comply with” the new requirement to offer complimentary credit monitoring services for a period of not less than 18 months. If the breach happened at a credit monitoring agency, the agency would have to provide three-and-a-half years of free monitoring.

The new law (i.e., amendments to the existing law) requires a rolling notification to individuals under certain circumstances (“A notice provided pursuant to this section shall not be delayed on grounds that the total number of residents affected is not yet ascertained. In such case, and where otherwise necessary to update or correct the information required, a person or agency shall provide additional notice as soon as practicable and without unreasonable delay upon learning such additional information.” ). The amended law also requires that the notice to individuals must identify the name of the parent or affiliated corporation if the organization that experienced a breach of security is owned by another person or corporation.

The amended law includes a new requirement to inform the state regulators “whether the person or agency maintains a written information security program.” Massachusetts regulations currently require “[e]very person that owns or licenses personal information about a resident of the Commonwealth [to] develop, implement, and maintain a comprehensive information security program.” 201 CMR § 17.03(1).

Credit reporting agencies will be required to provide a “security freeze” free of charge when a consumer requests it, and third parties to gain consumers’ written consent before obtaining credit reports for non-credit purposes. If someone requests a credit freeze from one credit agency, that agency would be required to tell them how to contact the other major credit agencies.

Upon request, a credit agency would be required to disclose what is in someone’s credit history and who the agency has provided a credit report to within the past six months, and up to two years for employment purposes.

A credit agency could not charge more than $8 for a copy of a credit report and could not charge at all if someone were turned down for a job, home rental or insurance due to poor credit during the past 60 days. The law sets out rules for disputing credit reports.

In signing the amendments into law, the Massachusetts Governor stated, “The improvements made to Massachusetts laws in this legislation are necessary to protect consumers from the consequences of data breaches that could expose personal information and to give consumers more control over their data and how it is used.”


If your business is presently or may soon be involved in data breach litigation in the United States, email us at or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your data breach litigation matter on a contingency basis. – The Practical Solution For Business Litigation

Massachusetts Data Breach Law

By | Cyber Security, Data Breach

The Massachusetts Data Breach Notification Law requires businesses and others that own or license personal information of residents of Massachusetts to notify the Office of Consumer Affairs and Business Regulation and the Office of Attorney General when they know or have reason to know of a breach of security. They must also provide notice if they know or have reason to know that the personal information of a Massachusetts resident was acquired or used by an unauthorized person, or used for an unauthorized purpose. In addition to providing notice to government agencies, they must also notify the consumers whose information is at risk.

Definition Of Data Breach

A data breach is the unauthorized acquisition or use of sensitive personal information that creates a substantial risk of identity theft or fraud. Data breaches can be the result of criminal cyber-activity, such as hacking or ransomware, or because of employee error, such as emailing information to the wrong person.

Definition Of Personal Information

The law defines personal information as a resident’s first name and last name or first initial and last name in combination with any 1 or more of the following data elements that relate to such resident:

(a) Social Security number;

(b) driver’s license number or state-issued identification card number; or

(c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident’s financial account.

Personal information does not include information that can be legally obtained from publicly available sources, such as addresses or birthdays.

Requirements For Reporting Data Breach

Within a reasonable amount of time after either the discovery of a breach or knowledge that personal information was obtained, the business or entity that was breached must notify both the Office of Consumer Affairs and Business Regulation and the Attorney General’s Office of the breach.

The notification must include:

  • A detailed description of the nature and circumstances of the breach of security or unauthorized acquisition or use of personal information;
  • The number of Massachusetts residents affected as of the time of notification;
  • The steps already taken relative to the incident;
  • Any steps intended to be taken relative to the incident subsequent to notification; and
  • Information regarding whether law enforcement is engaged investigating the incident.

Some data breaches are a result of a breach from a third-party vendor or other entity. For example, in addition to the regular reporting requirements, the law also requires financial institutions to report when a debit or credit card they issue is compromised. This means a breach may have occurred at a retailer but if the consumer used their bank issued card, the financial institution reports the breach as well.


If your business is presently or may soon be involved in data breach litigation in the United States, email us at or telephone us toll-free in the United States at 800-756-2143 to find business litigation contingency lawyers who may handle your data breach litigation matter on a contingency basis. – The Practical Solution For Business Litigation

Cybersecurity Litigation In 2017 And Beyond

By | Business Litigation, Cyber Security

An article entitled “2017 Cybersecurity Litigation Year in Review and Forecasts” published on December 22, 2017 in the New York Law Journal stated, “Cyber-related litigation continues to be volatile, with 2017 witnessing several momentous developments including rulings on standing, the extent of insurance coverage, the fate of the Fourth Amendment’s third-party doctrine in the digital age, and the emerging standard of care for cybersecurity. At the same time, Europe is seeing its own tectonic shifts in how it handles data, including data that is shared with the United States, creating some very serious fault lines that will need to be watched closely in 2018.”

” Courts in 2017 continued to conclude that commercial general liability policies do not always apply to cyber events. Cyber events may not even implicate the insurer’s duty to defend against breach class actions, much less provide coverage for resulting losses.”

” … 2017 saw adoption of the National Association of Insurance Commissioners (NAIC) Insurance Data Security Model Law. The Model Law establishes minimum cybersecurity standards largely consistent with New York’s regulation. Like the other key federal and state regulations, this Model Law promotes a proactive, holistic and risk-based cyber strategy and, importantly, it requires senior corporate oversight.”

” …  the General Data Protection Regulation (GDPR) enters into force on May 25, 2018. The GDPR is designed to be “future-proof” against technological developments and hopes to harmonize data privacy laws across the EU—but not necessarily with other jurisdictions—thus
setting up the potential for conflicting regulatory requirements for U.S. companies. While requiring greater transparency and accountability from companies, it includes greater privacy protections for individuals. As a matter of law, U.S. companies will have to comply with GDPR if they:

• target offering of goods or services to individuals in the EU (even if for free);

• monitor the behavior of individuals who are in the EU including for purposes such as behavioral advertising;

• provide services to EU clients involving using personal data, for example, by hosting EU personal data on U.S.-based servers; or

• provide centralized IT systems or data storage functions for the enterprise which contain personal data about the employees and customers of any EU subsidiaries.”

The article concluded: “Ultimately, 2017 was a tremendously significant year for cybersecurity litigation, and the explosion of cybersecurity
regulation in 2017 also signifies an even more significant litigation year in 2018, both here and abroad. Anticipating and mitigating what is coming not only helps prevent breaches, but also can help limit the litigation and regulatory enforcement fallout that could—and often does—ensue.”


If your business suffered financial or other significant harm due to a cybersecurity breach in  the United States, email us at or telephone us toll-free in the United States at 800-756-2143 to discuss whether your cyber security breach matter may be appropriate to be handled on a contingency basis. – The Practical Solution For Business Litigation

Cybercrimes Statistics

By | Cyber Security

The “2017 Cybercrime Report” (“Report”) published by Cybersecurity Ventures states: “Cybercrime is the greatest threat to every company in the world, and one of the biggest problems with mankind. The impact on society is reflected in the numbers. Last year, Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. This represents the greatest transfer of economic wealth in history, risks the incentives for innovation and investment, and will be more profitable than the global trade of all major illegal drugs combined.”

The Report states: “Cyberattacks are the fastest growing crime in the U.S., and they are increasing in size, sophistication, and cost … Cybercrime costs include damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.”

The Report states: “The Yahoo hack was recently recalculated to have affected 3 billion user accounts, and the Equifax breach in 2017 — with 143 million customers affected — exceeds the largest publicly disclosed hacks ever reported. These major hacks alongside the WannaCry and NotPetya cyberattacks which occurred in 2017 are not only larger scale and more complex than previous attacks, but they are a sign of the times.”

Cybersecurity Ventures predicts that there will be 6 billion Internet users by 2022 (75% of the projected world population of 8 billion) — and more than 7.5 billion Internet users by 2030 (90% of the projected world population of 8.5 billion, 6 years of age and older).

Cybersecurity Ventures predicts global spending on cybersecurity products and services will exceed $1 trillion cumulatively from 2017 to 2021, and anticipates 12-15 percent year-over-year  cybersecurity market growth through 2021. Cybercrime will more than triple the number of job openings to 3.5 million cybersecurity unfilled positions by 2021.

Global spending on security awareness training for employees is predicted to reach $10 billion by 2027, up from around $1 billion in 2014. Training employees how to recognize and defend against cyber attacks is the most under-spent sector of the cybersecurity industry.

Global ransomware damage costs are predicted to exceed $5 billion in 2017, up more than 15X from 2015. Healthcare providers have been the bullseye for hackers over the past two years: ransomware attacks on healthcare organizations are expected to quadruple by 2020.

Nearly half of all cyber attacks are committed against small businesses, and the percentage is expected to rise in 2018. A business will fall victim to a ransomware attack every 14 seconds by 2019, increasing from every 40 seconds in 2017.

The Report states: “Cyber criminals are creating an average of around 1.4 million phishing websites every month with fake pages designed to mimic the company they’re spoofing. The average size of distributed denial-of-service (DDoS) attacks is 4X larger than what cybercriminals were launching two years ago — and more than 42 percent of DDoS incidents in 2017 exceed a whopping 50Gbps, up from 10 percent of cases in 2015.”


If your business suffered financial or other significant harm due to a cybercrime, email us at or telephone us toll-free in the United States at 800-756-2143 to discuss whether your cyber crime matter may be appropriate to be handled on a contingency basis. – The Practical Solution For Business Litigation

Significant Cyber Incidents In 2017 And 2018

By | Cyber Security

The Center for Strategic & International Studies provided the following summary of significant cyber incidents in 2017 and 2018, through April 2018:

April 2018. Israeli cyber researchers revealed that Hamas had planted spyware in mobile phones owned by members of Fatah, a rival Palestinian faction

April 2018. Reports from cyber security researchers indicate that Chinese state-sponsored hacking groups have targeted Japanese defense companies in an attempt to gain information on Tokyo’s policies towards North Korea

April 2018. Cyber security researchers warn that North Korean hacking groups are expanding their range of targets, attacking industries in Japan, Vietnam, and the Middle East

April 2018. US and UK officials issued a joint warning that Russia was deliberately targeting western critical infrastructure by compromising home and business routers

April 2018. The director of the UK’s Government Communications Headquarters (GCHQ) announced that the organization had been conducting offensive cyber operations against ISIS to suppress their propaganda, disrupt their coordination, and protect deployed military personnel

April 2018. The chief of Germany’s domestic intelligence services accused Russia of being behind the December 2017 attack on the government’s computer networks

April 2018. The UK’s National Cyber Security Centre released an advisory note warning that Russian state actors were targeting UK critical infrastructure by infiltrating supply chains

April 2018. All government services of Sint. Maarten, a Caribbean island and constitute country of the Netherlands, were taken offline for a week after a cyber attack. According to local authorities, this is the third cyber attack the country has faced in just over a year.

April 2018. The North Korean hacking group responsible for the SWIFT attacks was found to have targeted a Central American online casino in an attempt to siphon funds

March 2018. Online services for the city of Atlanta were disrupted after a ransomware attack struck the city’s networks, demanding $55,000 worth of bitcoin in payment. The city would eventually spend approximately $2.6 million recovering from the attack.

March 2018. Baltimore’s 911 dispatch system was taken down for 17 hours after a ransomware attack, forcing the city to revert to manual dispatching of emergency services

March 2018. The US Departments of Justice and Treasury accused Iran in an indictment of stealing intellectual property from more than 300 universities, as well as government agencies and financial services companies.

March 2018. The FBI and Department of Homeland Security issued a joint technical alert to warn of Russian cyber attacks against US critical infrastructure. Targets included energy, nuclear, water, aviation, and manufacturing facilities.

March 2018. A data breach of the company Under Armor compromised the information of 150 million users of its fitness and nutrition tracking app MyFitnessPal

March 2018. Cybersecurity researchers reveal that a Chinese hacking group used malware to attack the service provider for the UK government in an attempt to gain access to contractors at various UK government departments and military organizations

March 2018. Cybersecurity researchers announce evidence that the same North Korean hacking group linked to the SWIFT financial network attacks has been targeting several major Turkish banks and government finance agencies.

March 2018. A UN report details attempts by North Korean hackers to compromise email accounts of the members of a UN panel enforcing trade sanctions against North Korea.

February 2018. German news reported that a Russian hacking group had breached the online networks of Germany’s foreign and interior ministries, exfiltrating at least 17 gigabytes of data in an intrusion that went undetected for a year.

February 2018. The Justice Department indicted 13 Russians and three companies for their online efforts to interfere in the 2016 US presidential elections.

February 2018. The US and UK formally blame Russia for the June 2017 NotPetya ransomware attack that caused billions of dollars in damages across the world.

February 2018. A cyberattack on the Pyeongchang Olympic Games attributed to Russia took the official Olympic website offline for 12 hours and disrupted wifi and televisions at the Pyeongchang Olympic stadium.

February 2018. Officials at the Department of Homeland Security confirmed that Russian hackers successfully penetrated the voter registration rolls of several US states prior to the 2016 election.

January 2018. China denied that the computer network it supplied to the African Union allowed it access the AU’s confidential information and transfer it to China, or that it had bugged offices in the AU headquarters that it had built.

January 2018. A Japan-based cryptocurrency exchange reveals that it lost $530 million worth of the cryptocurrency NEM in a hack, in what amounts to possibly the largest cryptocurrency heist of all time.

January 2018. Norwegian officials discover a “very professional” attempt to steal patient data from a Norwegian hospital system, in an attack they speculate was connected to the upcoming NATO Trident Juncture 18 military exercise.

January 2018. A hacking group with ties to the Lebanese General Directorate of General Security was revealed to have been involved in a six-year campaign to steal text messages, call logs, and files from journalists, military officers, corporations, and other targets in 21 countries worldwide.

January 2018. The Unique Identification Authority of India and its Aadhaar system are hacked by unknown actors, resulting in the personal data of more than 1 billion people being available for purchase.

December 2017. French company Schneider Electric was forced to shut down operations of a power plant in the Middle East after malware compromised its industrial control systems. Analysis by security researchers indicated that the attack was sponsored by a nation-state.

November 2017. Three Chinese nationals employed at a China-based Internet security firm are indicted by a US grand jury for computer hacking, theft of trade secrets, conspiracy, and identity theft against employees of Siemens, Moody’s Analytics, and Trimble.

November 2017. Uber discloses that it paid hackers $100,000 to delete the stolen data of 57 million of its customers and drivers, including names, phone numbers, email addresses, and license plate numbers.

November 2017. Cybersecurity researchers report a cyberespionage campaign targeting government organizations in South America and Southeast Asia. The group, deemed to have nation-state capabilities, aimed to acquire foreign policy information from diplomatic and government entities.

November 2017. Cybersecurity researchers report a sophisticated Vietnamese hacking group responsible for cyber espionage campaigns targeting the ASEAN organization, foreign corporations with an interest in Vietnamese industries, and media, human rights, and civil society organizations.

October 2017. A major wave of ransomware infections hits media organizations, train stations, airports, and government agencies in Russia and Eastern Europe. Security researchers found strong evidence linking the attack to the creators of NotPetya, and noted that the malware used leaked NSA-linked exploits to move through networks. Ukrainian police later reported that the ransomware was a cover for a quiet phishing campaign undertaken by the same actor to gain remote access to financial and other confidential data.

October 2017. Yahoo updates the previous projections of 1 billion account affected in its massive 2013 breach, acknowledging that all 3 billion accounts were compromised.

October 2017. Russian hackers reported to be targeting potential attendees of CyCon, a cybersecurity conference organized by the US Army and the NATO CCD COE

October 2017. DHS and FBI reports warn of Russia-linked hackers targeting industrial control systems at US energy companies and other critical infrastructure organizations

October 2017. Poland’s Defense Minister reports that the country repelled a third Russian hacking attempt against companies in Poland, reportedly part of a larger campaign against Eastern European corporations.

October 2017. North Korean hackers were found to have targeted US electric companies in a spear-phishing campaign meant to probe utilities’ defenses.

October 2017. North Korean hackers allegedly broke into South Korea’s defense data center in 2016 and stole a large trove of sensitive documents over the course of a year, including joint U.S.-South Korean blueprints for war on the peninsula.

October 2017. China allegedly carried out a cyberattack against a U.S. think tank and law firm, both involved with fugitive Chinese tycoon Guo Wengui.

October 2017. The Australian Government revealed that hackers compromised an Australian national security contractor in 2016 and stole large amounts of data, including information related to the development of the F-35 Joint Strike Fighter.

October 2017. Reports surface that Russian government-backed hackers stole NSA hacking secrets from a contractor in 2015 by exploiting the Kaspersky antivirus software on the contractor’s home computer

September 2017. Russia compromised the personal smartphones of NATO soldiers deployed to Poland and the Baltic states.

September 2017. Press reports say that the US Cyber Command targeted North Korea’s the Reconnaissance General Bureau for denial of service attacks.

September 2017. China allegedly inserted malware into widely used PC management tool. The malware targeted at least 20 major international technology firms.

September 2017. The SEC reported that cybercriminals accessed the agency’s files in 2016 and used the information gathered for illicit trading

September 2017. Credit monitoring firm Equifax disclosed a July data breach that revealed 143 million people’s full names, social security numbers, birth dates, home addresses and driver’s license numbers, as well as 209,000 credit card numbers.

September 2017. Researchers report malware infections in Cambodia designed to surveil dissidents and disrupt domestic political activity.

August 2017 . Researchers inform the Estonian Information System Authority of a vulnerability potentially affecting the use of 750,000 Estonian e-ID cards. The government replaced the compromised cards in late 2017, but claims that no cards were ever hacked.

August 2017. South Korea’s Cyber Warfare Research Center reports that North Korea has been targeting South Korean Bitcoin exchanges.

August 2017. A state-sponsored spyware campaign targeted Indian and Pakistani government security and military organizations.

August 2017. The Scottish Parliament suffered from a brute force cyberattack similar to the one that compromised the British Parliament in June.

July 2017 . The Swedish Transport Agency’s outsourced data is hacked, potentially compromising confidential information and classified information on military plans.

July 2017. Security researchers revealed details of a wide-ranging malware campaign linked to China which used over 600 strains of malware to conduct espionage operations on Southeast Asian military and government organizations

July 2017. GCHQ issued a warning saying that state-sponsored hackers had likely broken into the Industrial Control Systems of UK energy companies

July 2017. Security researchers revealed an Iran-linked cyber espionage group active since 2013 that had used spear phishing and watering hole attacks to target government institutions, defense companies, IT firms and more in Israel, Saudi Arabia, the US, Germany, Jordan, and Turkey.

July 2017. The FBI and DHS announced that hackers had been targeting US energy facilities including the Wolf Creek Nuclear Operating Corporation in a campaign bearing resemblance to the operations of a known Russian hacking group

July 2017. Cyber research firms reported a new malware campaign launched the day after North Korea’s July missile tests. The identified family of malware featured a command and control infrastructure with links to South Korea, and had previously been used in three other campaigns linked to North Korea.

July 2017. Hackers attacked a partner of UniCredit, Italy’s largest bank, gaining access to loan and biographical data from 400,000 client accounts

July 2017 . Russian hackers used leaked NSA tools to compromise Wi-Fi servers in European and Middle Eastern hotels in a campaign targeting top diplomats and industrial leaders.

July 2017. The Qatari government accused hackers in the United Arab Emirates of posting fake news and attacking Qatari state-run media websites in a campaign designed to widen a rift between Gulf states.

June 2017. The New York Times revealed that spyware sold to the Mexican government was being used to target human rights lawyers, journalists, and anti-corruption activists

June 2017. US-CERT identified the North Korean government as being behind a DDoS botnet infrastructure used to target media, financial, aerospace, and critical infrastructure organizations worldwide

June 2017. A Russia-linked hacking group was found to have launched a spear-phishing campaign against Montenegro after the country announced its decision to join NATO

June 2017. A NotPetya ransomware attack shut down the port terminals of Danish shipping giant Maersk for two days, causing an estimated $300 million in associated costs

June 2017. Russian hackers used an updated ransomware program to target Ukrainian infrastructure, including power companies, airports, and public transit.

June 2017. A brute-force attack alleged to have been carried out by Iranian state actors compromised nearly 90 British members of parliament, whose email accounts were hacked.

May 2017. A ransomware campaign spread to 99 countries using a vulnerability revealed in the Shadow Brokers’ April 2017 dump of NSA tools.

May 2017. Lebanon accused Israel of hacking the Lebanese telecoms network and sending audio and WhatsApp messages to 10,000 people claiming that Hezbollah’s leader was behind the death of the group’s top commander.

May 2017. Thousands of emails and other documents from the campaign of French president-elect Emmanuel Macron, totaling 9 gigabytes, were released shortly before the election, in an effort linked to Russia.

April 2017. Irish state-owned utility EirGrid suffered a security breach at the hands of state-sponsored hackers involving a virtual wiretap allowing access to the company’s unencrypted communications.

April 2017. The Lazarus Group, thought to be associated with North Korea, was found to be involved in a spear phishing campaign against US defense contractors

April 2017. Cybersecurity researchers revealed a growing cyber-espionage campaign originating in China and targeting construction, engineering, aerospace and telecom companies, as well as government agencies, in the U.S., Europe, and Japan.

April 2017. The Danish Defense Intelligence Service reported that a “foreign player,” alleged by the Danish press to be Russia espionage group, had accessed Defense Ministry email accounts in 2015 and in 2016, but was unable to retrieve classified information.

April 2017. The Shadow Brokers, the group that claimed to have hacked the NSA in August 2016, released yet another trove of purported NSA hacking tools, including one that allowed the NSA to break into the SWIFT interbank messaging and money transfer system.

April 2017. Chinese attempts to penetrate South Korean military, government and defense industry networks continued at an increasing rate since a February announcement that the THAAD missile defense system would be deployed in South Korea.

March 2017. An intelligence report revealed a Russian operation to send malicious spear-phishing messages to more than 10,000 Twitter users in the Department of Defense. The malicious payloads delivered through these messages gave Russian hackers access to the victim’s device and Twitter account.

March 2017. The U.S. Department of Justice indicted two Russian intelligence agents and two criminal hackers over the September 2014 Yahoo hack, which compromised 500 million user accounts.

March 2017. Chinese police arrested 96 suspects charged with hacking into the servers of social media, gaming and video streaming sites, stealing personal information, and posting the information for sale on online forums.

March 2017. Wikileaks released a trove of sophisticated CIA hacking tools dated from 2013 to 2016, claiming that the release reflected several hundred million lines of CIA-developed code.

February 2017 . A suspected Russian hacker breaches at least 60 universities and US government organizations using SQL injections, including HUD, NOAA, Cornell University, and NYU, among many others. This follows up a hack by the same actor against the U.S. Electoral Assistance Commission in December 2016.

February 2017. Indian Central Bureau of Investigation and Army officers were targeted by a phishing campaign purportedly mounted by Pakistan.

February 2017. Hackers compromised the Singaporean military’s web access system and stole the personal information of 850 people. The Ministry of Defense said it was likely the attack was state sponsored.

February 2017. A sophisticated malware operation extracted over 600 gigabytes of data from 70 mostly Ukrainian targets in the fields of critical infrastructure, news media, and scientific research.

January 2017. A Swedish foreign policy institute accused Russia of conducting an information warfare campaign, using fake news, false documents, and disinformation intended to weaken public support for Swedish policies.


If your business suffered financial or other significant harm due to a cybersecurity breach, email us at or telephone us toll-free in the United States at 800-756-2143 to discuss whether your cyber security breach matter may be appropriate to be handled on a contingency basis. – The Practical Solution For Business Litigation