February Cyber update from the Office of Rob Kleeger
Feb 14, 2023 3:51 pm
,
On this Valentine's Day, we remember those who make a difference in our lives, The warm-hearted and friendly folks who always bring a smile, I am grateful to have you in my life, And that's why I want to say, To a unique and exceptional person: Have a wonderful Valentine's Day!
All the best,
Rob Kleeger
1010101001010111010101100010100101010010101
Words of Wisdom:
“Chains of habit are too light to be felt until they are too heavy to be broken."
- Warren Buffett
1010101001010111010101100010100101010010101
CURRENT DATA SECURITY NEWS:
Reddit admits it was hacked and data stolen, says “Don’t panic”
On late (PST) February 5, 2023, we became aware of a sophisticated phishing campaign that targeted Reddit employees. As in most phishing campaigns, the attacker sent out plausible-sounding prompts pointing employees to a website that cloned the behavior of our intranet gateway, in an attempt to steal credentials and second-factor tokens.
After successfully obtaining a single employee’s credentials, the attacker gained access to some internal docs, and code, as well as some internal dashboards and business systems.
Pepsi Bottling Ventures Breached Following Malware Attack
Following a network intrusion in which information-stealing malware was installed, and data was extracted, Pepsi Bottling Ventures LLC, one of the largest bottlers of Pepsi-Cola beverages in the United States, experienced a data breach. Although the security lapse occurred on December 23, 2022, it was uncovered on January 10, 2023. The scope of the breach at Pepsi Bottling Ventures LLC is still being investigated, but preliminary reports indicate that a significant amount of personal and financial information was stolen.
Troutman Pepper Hit With Cyberattack, Firm Acknowledges
Troutman Pepper Hamilton Sanders, a well-known law firm, has confirmed that it was the target of a cyberattack on February 8th. The attack caused major disruptions in the firm’s operations, as employees were initially unable to access all of the network resources they needed to carry out their work.
The cyberattack on Troutman Pepper is a reminder of the importance of having strong cybersecurity measures in place. Law firms, in particular, are vulnerable to cyberattacks because of the sensitive information they handle. As a result, it is essential that law firms have robust cybersecurity measures in place to protect their systems and the sensitive information they hold.
1010101001010111010101100010100101010010101
CURRENT LEGAL CASE UPDATES:
IMO, Non-Competition agreements do serve some very important purposes when used appropriately.
Those who paid attention to President Biden's State of The Union, He made mention on the FTC’s proposed ban on noncompetes, "For example, 30 million workers had to sign non-compete agreements when they took a job. So a cashier at a burger place can’t cross the street to take the same job at another burger place to make a couple bucks more. Not anymore! We’re banning those agreements so companies have to compete for workers and pay them what they’re worth."
The U.S. Chamber of Commerce has already vowed to challenge the FTC’s rule, which the Chamber views as just one more part of the FTC’s (improper) “Rule-a-Palooza” (as they call it). Given that Congress has returned to the fray, we may quickly find that the FTC’s rule is the tail wagging the dog.
Not sure a cashier would be the appropriate use of a non-compete. Stay Tuned!
EBIN New York v. SIC Enterprise, Inc. EDNY September 23, 2022
The duty to preserve potentially relevant data extends to when “litigation is reasonably foreseeable.” This broad standard, in today’s big data world, can make it complicated for businesses to clearly communicate when litigation is likely and burdensome to implement processes to find and preserve that data.
The plaintiff filed suit in this trade dress violation and unfair competition lawsuit in Feb. 2019, alleging that the defendant had sold a hair product with packaging resembling their own. Plaintiff issued a legal hold, including sending a letter to its customers requesting they preserve records relating to their products and other products that may have infringed on their intellectual property rights.
The court found that the plaintiff had a duty to preserve the text messages, but the “Defendants have not shown that it is more likely than not that Plaintiff intended to deprive Defendants of the ESI or that there was an intent to deprive shown by clear and convincing evidence.”
Different courts have identified different triggers for when preservation duties attach, ranging from when litigation is “reasonably foreseeable” to when it is “reasonably anticipated” to when it is “likely” or “imminent.” Magistrate Judge Merkl adopted the “reasonably foreseeable” standard here, but declined sanctions, did not impose attorneys’ fees, and reserved ordering any curative measures for lost data because there was no FRCP 37(e) showing of intent to deprive or prejudice from the loss of data.
Tomgal LLC v. Castano - (No. 22-cv-9516 (JGK) United States District Court, S.D. New York)
Judge John Koeltl of the U.S. District Court for the Southern District of New York denied an injunction request, reasoning that irreparable injury did not exist because any injury arising from the misappropriated trade secrets could be easily calculated. Judge Koeltl found “every unit of inventory that [defendant] Fashion Code sells to a Robin Ruth distributor is a sale that Robin Ruth did not make,” i.e., profits from the sale of the products containing the misappropriated trade secrets could be easily monetized. Judge Koeltl also rapped the plaintiff’s knuckles on laches grounds, finding that a 7-month delay was substantial and unreasonable.
Brown v. Nolen, 2022 U.S. App. LEXIS 35917 (DC Cir. Dec. 29, 2022) Unpublished
Gerald Brown, a United Parcel Service (UPS) pilot, petitions for review of a decision of the National Transportation Safety Board (NTSB), affirming the Federal Aviation Administration's (FAA) revocation of his airline transport pilot certificate based on [*2] an alleged in-air altercation between Brown and another crewmember. Brown contends that the NTSB erred in affirming the credibility determinations, factual findings, legal conclusions and spoliation ruling of the Administrative Law Judge (ALJ) after an administrative hearing. They disagreed and denied the petition for review.
Bottom Line- Unaffiliated Third Party Has No Duty to Preserve Evidence for a Litigant — Compliance with Law Is a Valid Defense to a Spoliation Motion
N.J. Chief Justice Halts Civil, Divorce Trials In Six Counties Due To Judicial Shortages
Stuart Rabner, the chief justice of the New Jersey Supreme Court, recently suspended civil and matrimonial trials in six New Jersey counties because of the high number of judicial vacancies. He said that courts in Cumberland, Gloucester, Hunterdon, Salem, Somerset, and Warren counties, will stop holding trials on February 21, with exceptions “for very limited circumstances. Without additional relief, we may well face the same situation in other vicinages in the near future.”
1010101001010111010101100010100101010010101
CYBER SECURITY TIPS OF THE MONTH:
- Never Save your passwords while typing in your credentials. Your details would be more protected.
- Do not share your password with anyone.
- Never leave your Bluetooth and wifi hotspot running for too long. Once their purpose is served, ensure that you turn them off to avoid attacks on your device.
- Update your software regularly as it fixes bugs and upgrades existing security issues.
- Don’t assume cybersecurity begins and ends in the office.
1010101001010111010101100010100101010010101
DON'T FORGET ABOUT US:
Digital4nx Group provides a blend of legal and technology services where we systematically identify, preserve, extract, analyze, and interpret digital evidence.
Our services are commonly used to:
- React and respond by providing litigation support services for plaintiffs or defendants, as well as providing expert testimony and consulting, both in and out of court.
- Proactively identify and provide insights on how to better secure your confidential data, technology, and compliance.
Cyber Security Services
Cyber incidents can be damaging to an organization, both in the short and long term. Digital4nx Group helps business leaders protect their “crown jewels” through reasonable, defensible, and cost-effective services... Before, During, and After a Data Incident! We offer a multi-disciplined approach to cyber services such as:
- Advanced “Ethical Hacking”
- Cyber Risk and Compliance Assessments
- Incident Response to Cyber Incidents or Data Breaches
- Cyber Security Awareness Training
- CISO-as-a-service