Data Dive

President Joe Biden signed into law cyber legislation that requires, among other things, certain companies to report cyberattacks to the federal government within 72 hours, and ransomware payments within 24 hours. This post summarizes the key takeaways for affected companies in order to prepare for the new requirements.

Akin Gump published a client alert on Bulgaria’s biggest ever data breach. On 15 July 2019, an unprecedented cyber-attack in Bulgaria was announced. Hackers have stolen data from the National Revenue Agency (“NRA”) relating to around 70% of Bulgaria’s population, including foreign nationals and businesses, and comprising names of individuals and companies, personal and corporate identification numbers, email addresses, healthcare and pension contributions information and income details. According to news reports, the Bulgarian Government had thus far considered the NRA system to be one of the most advanced systems, into which substantial and continuous investment has been made. By contrast, the hackers claimed the opposite. The Chairman of Bulgaria’s Commission for Personal Data Protection announced that he would commence an investigation against NRA. In the wake of such a large-scale cyber-attack, we consider certain steps which organisations and individuals might take in the context of cybersecurity and data breach.

Please click here to read the full alert.