The conversation surrounding the data we put online continues to heat up. Bloomberg reports that in 2015, Twitter sold access to randomly selected tweets to Aleksandr Kogan, the individual who created the personality quiz that Cambridge Analytica then used to harvest Facebook user data. Working under his own commercial enterprise, Global Science Research, Mr. Kogan gained access to a random sampling of five months of Twitter posts, covering the dates of December 2014 to April 2015. As of the date of this blog post, Twitter has not provided any further details other than confirming that it provided access to this public data information through its application programming interface, known as API, and that Global Science Research paid for this access. While at this stage, not much is known about Global Science Research’s purpose for accessing this data, it becomes yet another example of a social media company sharing its users’ information, this time for a price. In our interconnected world, it will be interesting to see if social media users begin to retreat from sharing information online or whether such practice is already too entrenched in our day to day life to experience a shift.
Yesterday the United States Court of Appeals for the Seventh Circuit weighed in on the consumer class action standing issue. The court found that Barnes & Noble customers have standing to pursue a class action concerning the hacking of the retailer’s PIN pads. In doing so, the Seventh Circuit reversed a district court ruling dismissing the complaint for failure to adequately plead damages. The Court of Appeals determined that the time value of money which had been removed from plaintiffs’ accounts (even though it was ultimately returned), the costs of credit monitoring, and the time invested to create new accounts all were sufficient to provide standing. Continue Reading The Seventh Circuit Weighs In On Standing
The Federal Bureau of Investigation and the Department of Homeland Security issued a joint Technical Alert late last week to warn that Russian government-based hackers are actively targeting U.S. utilities, other critical infrastructure, aviation, manufacturing, and commercial facilities. The alert reports that the Russian hackers are initially obtaining access to suppliers or third-party vendors as “staged targets,” waiting for an opening, and then accessing their ultimate “intended target” utilizing malware and spear phishing techniques. Once the hackers gain access to the intended target, they conduct reconnaissance and collect information on the industrial control systems. The hackers use that information to take control of those systems, allowing them to conduct multiple, simultaneous shutdowns in a coordinated attack to deny necessary services such as electricity and water. These attacks highlight the necessity for third-party and vendor due diligence. See our Three Minute Check-In Series here to learn more.
*Brad Davis is a Legal Intern in the Privacy and Cybersecurity Practice Group of Murtha Cullina LLP.
In this inaugural episode of the Murtha Cullina Cybersecurity Three Minute Check In Series, Dena Castricone addresses vendors, the risk they pose and simple steps to reduce risk.