Total Tests:

Ransomware Group Reports Victim to SEC

By Phil Muncaster for Infosecurity Magazine
Thursday, November 16, 2023

However, the move by BlackCat may be intended more as a warning to other victims than a genuine attempt to pressure MeridianLink into paying. The new SEC reporting rules don’t officially kick in until December 15 this year.

ImmuniWeb chief architect, Ilia Kolochenko, warned that disclosures to regulatory agencies in the US and EU could become more frequent going forward, increasing the jeopardy for publicly listed firms.

“Victims of data breaches should urgently consider revising their digital forensics and incident response (DFIR) strategies by inviting corporate jurists and external law firms specialized in cybersecurity to participate in the creation, testing, management and continuous improvement of their DFIR plan,” he argued.

“Many large organizations still have only technical people managing the entire process, eventually triggering such undesirable events as criminal prosecution of CISOs and a broad spectrum of legal ramifications for the entire organization. Transparent, well-thought out and timely response to a data breach can save millions.”

A MeridianLink statement republished on X claimed that the firm discovered an incident on November 10 and “acted immediately to contain the threat.” Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
ImmuniWeb AI Platform
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential