Craig Hoffman

Craig Hoffman

BakerHostetler

Contact  |  View Bio  |  RSS

Latest Posts › Data Protection

Share:

Secret Service Raises Warning About Backoff POS Malware

The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems. The Alert...more

8/25/2014 - Cyber Attacks Cybersecurity Data Protection Debit and Credit Card Transactions Malware Passwords Point of Sale Terminals Popular Risk Alert

New Guidance for Merchants on Ensuring that Service Providers Share Security Responsibility

For merchants, long gone are the days of using a card reader with a dial-up connection to their payment processor. Today’s omni-channel retailers rely on multiple third party service providers to complete payment card...more

8/19/2014 - Data Protection Debit and Credit Card Transactions Mobile Payments Online Payments PCI Personally Identifiable Information Retailers

What’s Old is New Again—Insecure Remote Access

When a merchant is suspected of being the victim of an account data compromise event, they are often required by the card brands to hire a Payment Card Industry Forensic Investigator (PFI). The PFI provides a report on the...more

7/23/2014 - Credit Cards Data Breach Data Protection Point of Sale Terminals

What is “Expedient” Notification of a “Data Breach?”

One of the first questions companies ask us when we are hired to help them respond to a new security incident is how fast they have to notify if the investigation shows that a “breach” occurred. Except for a couple of states...more

2/13/2014 - Breach Notification Rule Compliance Data Breach Data Protection Employer Liability Issues

Do Merchants That Outsource Payment Processing Still Have Risk From a Breach?

Last week a small New England bakery announced that its point-of-sale (POS) devices were infected with malware that may have put card data at risk....more

2/11/2013 - Credit Cards Cybersecurity Data Breach Data Protection Debit and Credit Card Transactions Notice Requirements Notifications PCI PFI

Bank Agrees to Reimburse Company for Funds Taken Through Online Bank Account Theft

We reported in July on a First Circuit Court of Appeals decision finding that a bank failed to implement commercially reasonable security methods to prevent unauthorized transfers by a criminal that gained the online banking...more

12/6/2012 - Bank Security Procedures Data Breach Data Protection Financial Institution Liability Hackers

6 Results
|
View per page
Page: of 1