Monthly Cybersecurity News October 2024

Elisabeth Do
November 2, 2024

Here are some interesting updates about cybersecurity threats and new trends.

Copyright vs. Access: Internet Archive's Setback in Digital Library Case

Brewster Kahle launched the Internet Archive, a non-profit digital library, in 1996. Four major publishing houses are suing the organization. In June 2020, Hachette Book Group, HarperCollins Publishers, John Wiley & Sons, and Penguin Random House sued the Internet Archive for copyright infringement.

The complaint focuses on the Internet Archive's practice of scanning and lending physical books through its Open Library project. The publishers say that the "controlled digital lending" (CDL) model violates their copyrights and reduces their capacity to benefit from e-book sales.

In response, the Internet Archive claims that its actions are protected by the fair use doctrine and are necessary for maintaining access to knowledge. It argues that its CDL model is similar to traditional library lending, with only one copy loaned out at a time for each physical book it owns.

The case has significant consequences for digital libraries and the future of book lending in the digital era. Many librarians and digital rights supporters back the Internet Archive, seeing the lawsuit as a danger to the concept of digital ownership and libraries' ability to serve their communities in the digital age.

Source: The Washington Post

From Shutdown to Restart: American Water's Cybersecurity Recovery

American Water, the largest regulated water and wastewater company in the United States, is reactivating its systems following a cybersecurity issue reported on October 7, 2024. The corporation has assured the public that the event had no effect on water or wastewater infrastructure, and that water quality remained unaltered. As part of the recovery process, American Water's customer interface, MyWater, has been restored, and routine billing has resumed, with no late fees charged for the duration of the downtime.

Systems are being reactivated as both internal and external teams validate the security of the company's infrastructure. Security professionals and law enforcement are conducting an ongoing investigation into the incident's nature and scope. In response to the incident, American Water has taken extra steps to strengthen its cybersecurity procedures, underscoring its commitment to securing its systems and customers' data.

Source: American Water

FTC's New 'Click-to-Cancel' Rule

The Federal Trade Commission (FTC) has finalized a "click-to-cancel" rule designed to make it easier for customers to terminate recurring subscriptions and memberships. This new rule requires businesses to make cancelling as simple as signing up for a service.

The rule, which takes effect 180 days after being published in the Federal Register, applies to practically all negative option programs in any media. It forbids vendors from misrepresenting material facts, demands explicit disclosure of critical information prior to gathering billing information, and requires informed consent for negative option features.

Key provisions of the rule include:

  • Prohibiting misrepresentation of material facts in marketing.
  • Requiring clear disclosure of terms before obtaining billing information.
  • Mandating express informed consent before charging consumers.
  • Providing a simple cancellation mechanism to halt charges immediately.

The FTC reports that it receives approximately 70 consumer complaints each day about negative option and recurring subscription practices. This rule seeks to address these concerns by providing a standard legal framework for enterprises.

While the FTC sees this as a consumer protection tool, certain business organizations, including the US Chamber of Commerce, have challenged the rule for exceeding regulatory limitations.

Source: Federal Trade Commission

Marriott Checks Out $52M for Years-Long Data Exposure

Marriott International has agreed to pay a $52 million settlement to 50 US states following a huge data breach that affected 131.5 million American customers. The breach, discovered in September 2018, exposed 339 million guest records worldwide and went undetected from July 2014 until September 2018.

The settlement addresses charges that Marriott breached consumer protection, personal information protection, and breach notification regulations. In addition to the financial penalty, Marriott has promised to improve its cybersecurity policies, including developing a comprehensive information security program based on zero trust principles.

In a separate action, the FTC has ordered Marriott and its subsidiary Starwood Hotels & Resorts Worldwide to improve their information security standards. The FTC accused the corporations of misleading customers by claiming to have sufficient data security while failing to adopt adequate security measures.

The breaches occurred between 2014 and 2020, affecting over 344 million customers worldwide. Marriott will now be obligated to provide a mechanism for American customers to request the deletion of their personal information and to review their rewards accounts upon request.

Source: Infosecurity Magazine

Nidec Confirms Data Leak in Ransomware Attack

Nidec Corporation, a well-known Japanese electric motor manufacturer, has reported falling victim to a ransomware attack that resulted in company data being released online. On June 28, 2023, Nidec realized that its internal systems had been infiltrated. In response, the corporation quickly shut down affected systems and launched an investigation with the assistance of external cybersecurity specialists.

While Nidec has yet to publicly identify the ransomware group responsible for the attack, it is aggressively investigating the full scope of the data loss and its possible impact on operations and customers. The company has indicated its commitment to restoring systems and strengthening cybersecurity protections, and it has contacted the appropriate authorities in accordance with data protection legislation.

This incident highlights the ongoing threat of ransomware to large organizations and the vital need to maintain strong cybersecurity defenses in today's digital landscape.

Source: TechRadar Pro