Topics
Latest
AI
Amazon
Image Credits:Bryce Durbin / TechCrunch
Apps
Biotech & Health
mood
Image Credits:Bryce Durbin / TechCrunch
Cloud Computing
Commerce
Crypto
Enterprise
EVs
Fintech
fundraise
gizmo
punt
Government & Policy
Hardware
Layoffs
Media & Entertainment
Meta
Microsoft
Privacy
Robotics
Security
Social
Space
Startups
TikTok
Department of Transportation
speculation
More from TechCrunch
event
Startup Battlefield
StrictlyVC
newssheet
Podcasts
Videos
Partner Content
TechCrunch Brand Studio
Crunchboard
Contact Us
A U.S.-based independent cybersecurity journalist has refuse to comply with a U.K. court - place injunction that was sought following their reporting on a recent cyberattack at U.K. secret health care heavyweight HCRG .
Law business firm Pinsent Masons , which served the February 28 royal court monastic order on behalf of HCRG , involve that DataBreaches.net “ take down”two articlesthat referenced theransomware attack on HCRG .
The police house ’s observance to DataBreaches.net , which TechCrunch has seen , stated that the accompany enjoinment was “ obtain by HCRG ” at the High Court of Justice in London to “ prevent the publication or disclosure of confidential data point steal during a recent ransomware cyberattack . ”
The house ’s missive states that if DataBreaches.net disobey the cease and desist order , the site may be found in scorn of court , which “ may result in imprisonment , a criminal fine or bear your assets seized . ”
DataBreaches.net , execute by a journalist who operates under the pseudonym Dissent Doe , refuse to remove the post , and alsopublished details of the enjoining in a blog Emily Post Wednesday .
Dissent , citing a letter of the alphabet from their law firm Covington & Burling , said they would not abide by with the rescript on undercoat that DataBreaches.net is not subject to the jurisdiction of the U.K. injunction and that the reporting is licit under the First Amendment in the United States , where DataBreaches.net is based .
Dissent also noted that the text of the court of justice order does not specifically name DataBreaches.net nor cite the specific article in inquiry .
Legal threatsanddemandsarenot uncommonin cybersecurity news media , since the reporting often imply uncovering entropy that company do not want to be made public . But enjoining and effectual demands are seldom published over risk or fears of effectual repercussions .
The details of the enjoinment declare oneself a rare perceptiveness into how U.K. law can be used to issue effectual demands to remove published stories that are critical or embarrassing to companies .
The law firm ’s letter of the alphabet also confirms that HCRG was polish off by a “ ransomware cyber - flak . ”
HCRG , formerly known as Virgin Care and one of the heavy independent health care supplier in the U.K. , confirmed on February 20 it wasinvestigating a cybersecurity incidentafter the Medusa ransomware work party claimed responsibility for the breach , say it had slip 2 terabytes of data point from the company ’s systems . HCRG has more than 5,000 employees and covers a half million affected role across the United Kingdom .
When attain by TechCrunch , HCRG spokesperson Alison Klabacher said : “ We can confirm that we took sound military action aimed at prevent republication of any information get at by the criminal chemical group , to minimise potential risk to those who may have been affected . ”
“ We are investigate the incident with the support of extraneous specializer and will advise ( and have notified ) anyone affected as necessary base on our investigating , ” HCRG ’s spokesperson added .
Neil Kennedy , a spokesperson for Pinsent Masons , the police firm representing HCRG , would not provide commentary when hand by TechCrunch .
According to the effectual demand , Pinsent Mason cited two posts published on DataBreaches.net , which reported that the Medusa ransomware gang had train credit for the HCRG cyberattack and that the deplorable ring was threatening to publish reams of in person identifiable data and raw health data if HCRG did not pay a ransom money . The gang publish several screenshots of the steal datum on its disconsolate web leak land site as evidence of their claim .
The situation issue on DataBreaches.net containmuch of the same informationthat TechCrunch and other outlets have independently confirmed and reported .
According to Dissent , Pinsent Masons sent the injunction to DataBreaches.net ’s domain of a function registrar , which in twist warn that DataBreaches.net would have its vane domain suspended if the posts were not removed . The domain of a function registrar by and by reversed form and decline to suspend DataBreaches.net , read Dissent .
HCRG has not yet publicly expose the break on its website . Dissent said intheir blog post Wednesdaythat in absence of updates from HCRG , much of the details about HCRG ’s cyberattack have been brood by main diarist , include cybersecurity blogSuspectFile , which break raw detail about the HCRG cyberattack .
Dissent say that the homage ’s injunction otherwise “ would foreclose the public from finding out that the breach was a serious one with likely many masses affected ” and “ could enter the door to widespread censorship of journalists in the U.K. or elsewhere . ”
“ diarist with any connecter to the U.K. might be netmail injunctions demanding they remove past reporting on data stolen from U.K. entities , or they could be prohibited from any future reporting on any data stolen from a U.K. entity , ” said Dissent .
Updated with response from Pinsent Masons .
