Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet....more
The FTC’s Claim -
A New Jersey federal judge has confirmed the Federal Trade Commission’s (“FTC”) authority to regulate data security and bring claims against companies suffering data breaches due to inadequate...more
The vulnerability caused by the Heartbleed bug circumvents the purpose of OpenSSL: encryption. Therefore, the conclusion would appear to be that any data breach during the time of OpenSSL vulnerability would be reportable...more
UPDATE to our story yesterday:
In what apparently is a big “oops,” two banks that took legal action against Target over its recent data breach have withdrawn their claims. The suits were withdrawn due to an erroneous...more
Last Monday in March (Opening Day for you baseball fans) - some privacy/security bits and bytes to close out the month....more
It has been difficult to keep up with all the various permutations of the Target data breach saga.
Yesterday, the fingerpointing continued in the form of the release of a Harris Poll and testimony on Capitol Hill at a...more
Welcome to March Madness — although if your brackets look anything like mine do this morning, it is not particularly “welcome.” Let’s just say that there is no danger of my winning Warren Buffet’s $1 billion....more
On this Privacy Tuesday:
US Attorney General Puts Pressure on Congress for Data Breach Disclosures -
Today, US Attorney General Eric Holder urged Congress to pass legislation requiring retailers to make...more
Officials at the University of Maryland (“University” or “UMD”) announced that UMD was the victim of a significant security breach that took place on Tuesday, February 18 (the “Breach” or “Incident”). The Incident,...more
Target Corp. announced Dec. 19, 2013, that it had discovered an intrusion that may have compromised approximately 40 million customer payment cards used at its U.S. stores from Nov. 27 to Dec. 15, 2013 (12 PVLR 2133,...more
The “observance” of Data Privacy Day annually on January began in 2008. The National Cyber Security Alliance (NCSA) will be kicking off today’s events with a live stream of its press conference in Washington, DC. ...more
As anyone with a pulse and a computer, television or carrier pigeon knows, Target Corporation (NYSE: TGT) suffered a major data breach in December – the extent of which is still being uncovered – and pegs the latest number of...more
These are busy times in the data privacy/security world.
If Misery Loves Company, Target Has Friends -
Target was not the only target of data thieves this holiday season. Reports over the weekend revealed that...more
The Target data breach story keeps getting worse. The December pre-Christmas disclosure was the theft of up to 40 million Target shoppers’ credit and debit card information in what appeared to have been a hack of the Target...more
After a brief hiatus for the holidays and our “12 Days of Privacy” series, we are back.
We have had a series of late year — and new year — data breaches in the news. These latest incidents should prompt New Year’s...more
First and foremost, this is Veterans’ Day in the US. Let’s take a moment to thank all of those who served and who still serve, and honor the memory of those who gave their all. Businesses are offering special deals to...more
Adobe Systems Inc.,(ADBE -1.24%) announced earlier today that has been the victim of a cyber attack that has compromised information of 2.9 million of its customers. In a blog post Thursday morning, Adobe’s Chief Security...more
The ”hits” to data bases, in any event. Here is a rundown of some of the most recent data breach reports –
Oregon Health & Science University Data Breach Compromises 3,000 Patients’ Records in the Cloud.
Privacy goofs, gaffes and tidbits for the last Monday in July —
NSA Surveillance Causes More Grief –Germany Calls for a Stop to Safe Harbor: Time for Binding Corporate Rules?
According to news sources the...more
Programming Error Leads to “Low Tech” Data Breach at Indiana Family and Social Services Administration -
Although it started with a programming error, the breach itself was paper document. Apparently, a programming...more
Welcome to a new feature of Privacy & Security Matters – Privacy Monday.
We will start your week with a fresh collection of privacy tidbits, goofs and gaffes....more
As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and...more