Data Breach

News & Analysis as of

Study Finds Companies May Do Too Much For Data Breach Victims

A recent study at the University of Arkansas suggests that organizations should avoid doing too much for individuals affected by a data breach. That is, when organizations provide compensation to breach victims that exceeds...more

"Privacy & Cybersecurity Update - November 2016"

In this month's Privacy & Cybersecurity Update, we review an 11th Circuit case involving the longstanding battle between the FTC and medical company LabMD, recent NIST guidelines for securing devices connected to the...more

Data Breach Notification Laws: What to consider

Although Congress has attempted to agree on federal data breach notification legislation, there is no national data breach notification law that applies to most companies. Instead, 47 states, plus the District of Columbia,...more

A Failed Strategy: Another Derivative Action In A Data Breach Case Goes Down To Defeat

Dismissal Of Home Depot Derivative Action Extends Shareholder Losing Streak An attempt to impose liability on corporate officers and directors for data breach-related losses has once again failed. On November 30,...more

Privacy Tip #63 – NYC Concertgoers—You May Need to Check Your Bank Records

Madison Square Garden has announced that it has suffered a year-long data breach of debit and credit cards used at concession stands at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, ...more

Data Security for Employers: An Update

Employers store, manage, and share sensitive data about employees. The Navigator and other commentators have written a lot about issues related to personally identifiable information, health-related data, and employee...more

New FTC Data Breach Response Guidelines

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

New California AG Appointed with Possibilities for Privacy Enforcement

With the election of current California Attorney General Kamala Harris to the U.S. Senate, Governor Jerry Brown was tasked with appointing her replacement. On December 1, he announced that his pick is U.S. Representative...more

OCR Alerts Listservs About Fake Phishing Email to Covered Entities and Business Associates

On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels”...more

Lessons from Adobe’s State AG Data Breach Settlement

Last month, several state Attorneys General announced a $1M settlement with Adobe Systems, Inc. in connection with a 2013 data incident involving the personal information of roughly 534,000 consumers. The 15 Attorneys General...more

House Energy & Commerce Committee Holds Hearing on Security of the Internet of Things

The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its...more

FTC Publishes Data Breach Response Guidelines

Whether resulting from a planned cyberattack or mere carelessness, data breaches are on the rise. In 2015, 781 data breaches were reported across the United States, with the average breach costing $3.8 million. In 2016, the...more

Cybersecurity 2017 – The Year in Preview: Emerging Security Threats

Editor’s note: This is the fourth in a continuing end-of-year series. See our previous posts on trade secrets, state regulation and law enforcement, and HIPAA compliance. Our last two posts will focus on the energy...more

Privacy Perils: Choose Your "Friends" Wisely - Thought Leadership - Bass Berry

By press release on Monday, November 14, 2016, adult website operator Friend Finder Network, Inc. (FFN) confirmed it was addressing "a security incident involving certain customer usernames, passwords and email addresses."...more

Keep Reading: Standing Affirmed, but Barnes & Noble Data Breach Class Action Halted

It was about time for data breach defendants to get a win. The District Court for the Northern District of Illinois delivered one to Barnes & Noble in its long-running class action that stems from a breach suffered in 2012....more

Retirement Plans Incur Data Breaches; ERISA Council Addresses Cyber Risks

Until relatively recently, retirement plans have not made the news as targets of data breaches. This is somewhat surprising, given the wealth of participants’ personal data stored online by these plans. This past summer,...more

The FTC Faces an Embarrassing Set-Back in its Data Security Enforcement Authority as the LabMD Saga Continues

On November 10th, the Eleventh Circuit Court of Appeals handed an embarrassing defeat to the Federal Trade Commission and an early Christmas present to LabMD, Inc. in the ongoing David and Goliath battle between the...more

NIST Releases Comprehensive Cyber Security Guidelines for the Internet of Things

As the Internet of Things continues to grow and expand, the fact that guidance on security measures and protections is a necessity has become increasingly evident. Recently, the National Institute of Standards and Technology...more

FTC Announces New Guidance on Ransomware

On November 10, 2016, the U.S. Federal Trade Commission (FTC) released new guidance for businesses and consumers on the impact of, and how to respond to ransomware. Ransomware is a form of malicious software that infiltrates...more

More on HIPAA Audits for 2016 and 2017–Desk Audits and On-Site Audits

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more

Implementing the GDPR: What You Need to Know

Data protection procedures will require an overhaul for any company that offers goods and services, or tracks individuals, in the EU under the European General Data Protection Regulation (GDPR) to take effect from 25 May...more

Data Breach Decision Points: Part 8

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

DFS Cyber Regulation: Part II – An Interview with Bay Dynamics’ Steven Grossman

This is the second installment in our interview with Steven Grossman, VP Strategy & Enablement at Bay Dynamics, the cyber risk analytics company. Here, Steven discusses the importance of aligning an institution’s risk...more

Know Your Cyber Insurance Gaps Before a Breach Hits

Data breaches are on the rise throughout the business sector, including the hospitality industry. In 2015, in California alone, there were approximately 178 reported breaches that compromised 24 million records,...more

Cyber Insurance 101: Read This Before Selecting a Cyber Insurance Policy

Several recent, large-scale cyber events, including both data breaches and cyber attacks, demonstrate that companies, both large and small, must protect themselves against the risk of a cyber event. Cyber insurance policies...more

2,674 Results
|
View per page
Page: of 107
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×