- Chief Compliance Officer and VP of Legal Affairs, Arrow Electronics
By 
Neil Hodge2023-09-07T13:21:00
Companies that think paying ransomware demands would be a better move than informing regulators of a data breach are playing with fire, according to experts.
Recent reports have indicated a cybercrime group called “Ransomed” is trying to persuade the companies it hacks that paying its cut-price ransom demands quickly—and quietly—outweighs any fine a data protection authority (DPA) might levy for breaching privacy rules such as the European Union’s General Data Protection Regulation (GDPR).
However, data privacy experts see the issue differently.
THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.
News and analysis for the well-informed compliance or audit exec.
Register for free
Access one free, non-premium article each month.
Complimentary CPE webcasts, resources, and e-Books.
Annual Membership best value
Subscribe now for $365
Our lowest price ($1 per day) for one year.
Despite its reputation as a fierce enforcer of sanctions, the Office of Foreign Assets Control has a softer side and wants to help companies that are hit with ransomware attacks, according to the agency’s senior compliance officer.
Holding on to data for longer than necessary creates vulnerabilities for businesses by giving cyberattackers more avenues to access an organization’s computer systems.
MGM Resorts International said it expects to take a $100 million hit as part of the fallout of a cyberattack that has most significantly impacted its Las Vegas operations.
UnitedHealth Group’s response to a major cyberattack in February that wreaked havoc with medical payments nationwide has been “inadequate” and must be improved immediately, a group of 22 state attorneys general told the company.
The massive cyberattack on Change Healthcare has potentially compromised the personal and protected health information of an untold number of Americans, according to parent company UnitedHealth Group.
AT&T said personal account data on approximately 73 million current and former customers was released on the dark web two weeks ago but has not yet identified when and where the breach occurred.
