Why is the FBI accessing computers all over the U.S.? What’s the state of the CCPA over a year after it took effect?
“If you spend more on your coffee than on securing your email communications, you’ll be hacked.” – EmailOut
In this article, we’ll cover the following email industry news:
- The FBI deleting Microsoft Exchange hacks
- [Report] 2021 Consumers Privacy: The State of CCPA
Let’s dive in.
The FBI’s Solution To The Microsoft Exchange Hack
Not updating your Microsoft Exchange email servers? The FBI will do it for you.
The U.S. DOJ announced a Houston court has authorised the FBI to access hundreds of computers across the U.S. to “copy and remove” backdoors from hundreds of Microsoft Exchange email servers after hackers exploited four zero-day vulnerabilities to attack the email servers of tens of thousands of businesses and local governments.
Microsoft released patches to fix the previously undiscovered vulnerabilities and the number of infected servers dropped significantly. However, even applied, the patches did not close the backdoors to the Microsoft Exchange Servers (MES) that had already been breached.
According to the Department of Justice announcement –
“The FBI conducted the removal by issuing a command through the web shell to the server, which was designed to cause the server to delete only the web shell (identified by its unique file path). The operation only removed the backdoors but did not patch the vulnerabilities initially exploited by cyber attackers or remove any malware left behind.”
This is the first known case of the FBI effectively cleaning up private networks following a cyberattack. But the whole operation also raises concerns about the FBI’s jurisdiction when dealing with cyberattacks against the U.S.
The State Of CCPA
The California Consumer Privacy Act (CCPA) went into effect on January 1, 2020, giving Cali consumers the right to take more control over their data for the first time. Though the legislation is just over a year old, millions of Californian consumers have already exercised their CCPA rights.
DataGrail analysed data subject requests (DSRs) processed through 2020 and the results were presented in a powerful report – 2021 Consumer Privacy Report: The State of CCPA.
- consumers are less interested in gaining access to their data than preventing its sale to third parties
- B2C businesses received approximately 137 DSRs per million identities in 2020
- 46% of consumers are most likely to opt-out of their data being sold to a 3rd party by submitting do-not-sell (DNS) requests
- over 46% of DSRs go unverified meaning the requester didn’t prove their identity
- manually processing requests may incur costs around $190K per million identities
To find more details about what to expect from the CCPA and other privacy laws, download the full 2021 Consumer Privacy Report: The State of CCPA
Do you have any suggestions or ideas about which email industry news topics you’d like us to look out for in the future? Write your requests below. We’ll keep an eye out (or two) so you don’t have to – and all for FREE, of course.
EmailOut offers the most generous freemium email marketing software product for professional micro-businesses and SMEs across the globe coupled with the very best rates for large volume corporate senders. Take a look now.