Law Firm Sues Insurance Company Over Refusal to Pay NotPetya Claim

Multi-national law firm DLA Piper has been denied payment of a claim over the NotPetya malware infection. Its insurance company, Hiscox, maintains that it does not need to pay under the “acts of war” exclusion clause based on a statement from the UK government that the Russian military was “almost certainly” responsible for the attack.
Editor’s Note

[Murray]
This would be a novel application of the exclusion. However, the dispute demonstrates that small to medium size enterprises may not have the expertise to negotiate “cyber” insurance policies or claims. They should consider the use of brokers and adjusters specializing in these policies.
Read more in:
– www.scmagazine.com: Insurer refuses payout to DLA Piper over NotPetya cyberattack
– www.infosecurity-magazine.com: DLA Piper Set to Sue Insurer Over NotPetya Claim: Report

UConn Health Center Hit with $5M Lawsuit Over Breach

The University of Connecticut Health Center is being hit with a $5 million class action lawsuit over a data breach that exposed 326,000 current and former patients.
Read more in:
– www.scmagazine.com: UConn Health Center hit with $5M suite over breach

Microsoft Uses Court Order to Sinkhole Iranian Hacker Websites

Microsoft’s Digital Crimes Unit obtained a court order to take over and sinkhole nearly 100 websites that were being used by Iranian hackers to launch attacks. The hackers used spear phishing attacks and spoofed websites to steal credentials and gain access to targeted computers. The hacking group focuses on businesses and government agencies as well as journalists and human rights activists.
Editor’s Note

Read more in:
– www.cyberscoop.com: Microsoft uses court order to shut down APT35 websites
– thehill.com: Microsoft takes down sites tied to suspected Iranian hackers
– www.bleepingcomputer.com: Microsoft Retaliates Against APT35 Hacker Group by Seizing 99 Domains
– blogs.microsoft.com: New steps to protect customers from hacking