Scott Pettigrew reports: The Ontario information and privacy commissioner has released a report following a massive privacy breach through technology used by many schools in the province. The PowerSchool incident, which affected millions of Canadians across the country, saw personal information stolen in December of 2024. The company admitted to paying a ransom to recover…
Category: Commentaries and Analyses
Sue The Hackers – Google Sues Over Phishing as a Service
Mark Rasch writes: When something goes wrong, after exhausting all other possible alternatives, a company may go to its lawyer with the silliest question you can ever ask a lawyer — “Can I sue?” The basic answer is, “if it moves, sue it…” “If it doesn’t move… move it… then sue it…” And when asked,…
From bad to worse: Doctor Alliance hacked again by same threat actor (2)
On November 12, DataBreaches reported that Doctor Alliance had allegedly been hacked by a threat actor who listed the data for sale on a clearnet forum. At the time, “Kazu” claimed to have 353 GB of data and had given Doctor Alliance a November 21 deadline to pay $200,000 or the data would be sold…
Checkout.com Discloses Data Breach After Extortion Attempt
Ionut Arghire reports: Global payment service provider Checkout.com has disclosed a data breach after a known hacking group attempted to extort it. The incident, Checkout says, involved a legacy, third-party cloud file storage system that had not been used since 2020, and did not affect its payment processing platform. “The system was used for internal…
Did you hear the one about the ransom victim who made a ransom installment payment after they were told that it wouldn’t be accepted?
Millicom describes itself as a leading provider of fixed and mobile telecommunications services dedicated to markets in Latin America. With headquarters in Luxembourg and Florida, the company is listed on the NASDAQ stock exchange (TIGO). Through Tigo, Tigo Business, and its products and services such as Tigo Music, Tigo Sports, Tigo Money, and ONEtv, Millcom…
District of Massachusetts Allows Higher-Ed Student Data Breach Claims to Survive
Melanie A. Conroy of Pierce Atwood LLP writes: In a recent blog post, we explained how Webb v. Injured Workers Pharmacy, LLC has become a touchstone for courts analyzing Article III standing in data breach class actions, citing Shea v. American International College as a recent example. This post explores the Shea decision in greater depth. On September 5, 2025, Judge Angel…