Data Protection Data Breach

News & Analysis as of

You Asked: Can My Employees Hack My Company?

Yes! Employees and other insiders – think Edward Snowden – can, and in fact, do play a role in most data breaches or cyber-security incidents. Companies must ensure their data protection policies include not only training but...more

Mapco Express pays $1.9 Million in Data Breach Settlement

A Tennessee federal judge has approved a proposed settlement of up to $1.9 million to be paid by Mapco Express to individuals affected by a payment card data breach that occurred in 2013. Two banks alleged that Mapco...more

Employer Did Not Owe Legal Duty to Protect Employees' Hacked Personal and Financial Records

University of Pittsburgh Medical Center (UPMC) maintained a human resource database containing current and former employees' names, dates of birth, social security numbers, tax information, addresses, salaries, and bank...more

Cybersecurity and Privacy Policy as a Board of Directors Issue

Cybersecurity and privacy of customer information have become such a critical issues that in-house counsel should treat them as board of directors-level issues. In-house counsel should do that with presentations for their...more

The Anthem Breach – A Retrospective

Many people and news outlets have opined, weighed in, and informed the public about the 2015 Anthem breach. It is still a hot topic in January 2017, because it currently lines up with other hot stories about hacking ordered...more

Cybersecurity Incident Response: Who You Gonna Call?

Who should you call when you suspect, or are certain of, a data breach? Data breaches and other cybersecurity incidents have become of a fact of life. Yahoo! recently disclosed that data for over one billion users was...more

Studies Show Ransomware up 6,000% and Reaps Billions and Phishing Emails are Used in 91% of all Cyber-Attacks

A recent IBM study shows that ransomware increased 6,000 percent in 2016 over 2015. According to the report, ransomware was present in almost 40 percent of all spam email messages....more

U.S. Military Special Operations Command Workers’ Data Exposed by Vendor

Military personnel continue to be victimized by data breaches. This time, the personal information of healthcare workers employed by Potomac Healthcare Solutions (Potomac), who work for a U.S. Special Operations Command were...more

PA Appellate Court Finds No Common Law Duty For Employer Handling Of Employee Info After Data Breach

The Pennsylvania Superior Court held yesterday in Dittman v. UPMC et al. that an employer owes no common law duty under a negligence theory to use reasonable care in the collection and storage of employee information and...more

Reduce Potential Liability for Data Security Breaches by Negotiating Coverage in Payment Processing Agreements

Credit cards are the primary form of payment received by most retailers. In order to process a credit card, a retailer must enter into an agreement with a bank and a payment processor. Payment processing agreements often have...more

EU e-Privacy Regulation Raises Stakes for Compliance

The European Commission's proposed e-privacy regulation sets forth obligations on handling electronic communications and clarifies obligations for seeking consent for the use of cookies. Meant to bring the e-privacy directive...more

Breach of Privacy Prompts Breach of Etiquette: DHHS Sets New Precedent in Privacy Breach Enforcement

On January 9, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) took action against a health system for non-timely reporting of a breach of protected health information. It was the first...more

Cyber Alert: 2016 Breach Roundup, Part II: U.S. and EU Data Breach Notification Regulations Highlights and Trends

Frameworks requiring breach notifications of various kinds significantly expanded in scope in 2016 at both the state and federal levels. However, at least in the U.S., some of the new federal requirements may not be in place...more

New York Department of Financial Services Revises Cybersecurity Proposal: Greater Flexibility and Delayed Compliance Deadlines

As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more

Three States Join Others to Expand Personal Information Definition to Include Usernames or Email Addresses

Businesses should take steps to protect usernames, email addresses, passwords, and security questions and answers. A key issue in determining whether notification is required following a data breach is whether...more

5 Information Governance Predictions for 2017

Information is every organization’s greatest asset. It makes up intellectual property, trade secrets and many other vital corporate assets. It’s how we in corporate America conduct business. With that said, governing and...more

The State of Cybersecurity in 2016 and the (potential) Great Cyber Fire

Cybersecurity hit the news hard in 2016. The number of high profile, and troubling, cyber incidents increased significantly. The Democratic National Committee and one of Clinton’s top advisor’s being hacked, with leaked...more

One Less (Regulator) Affair for AshleyMadison.com: Site Operators Agree to Settle U.S. Charges Stemming from 2015 Breach

Remember the 2015 AshleyMadison.com data breach, where hackers gained access to the personal information of about 36 million users from over 46 countries, and threatened and carried through on their promise to release the...more

What Can Be Learned From 2016 Security Incidents?

Cue the year-end articles saying that this was the worst year to date for data breaches. Follow that with more dire predictions for 2017. Layer in one-size-fits-all recommendations to mitigate these risks. And finish with...more

Over 3.1 Billion Records Breached So Far in 2016

The tally of records breached in 2016 (through November) globally was over 2.1 billion, according to IT Governance. With the announcement yesterday of Yahoo’s breach of another 1 billion records, that tally is now up to 3.1...more

Officers and Directors Spared Home Depot Data Breach Derivative Lawsuit

Officers and directors may breathe a temporary sigh of relief following the recent dismissal of the Home Depot data breach derivative case. Others will look to the facts for guidance. The complaint alleging the board had...more

2016 Breach Roundup, Part I: U.S. State Data Breach Notification Laws Highlights and Trends

In many respects, 2016 has been a remarkable year, but one constant with recent history is that multiple states (six this year) amended their breach notification statutes. As is commonly stated, the U.S. ...more

Data Security for Employers: An Update

Employers store, manage, and share sensitive data about employees. The Navigator and other commentators have written a lot about issues related to personally identifiable information, health-related data, and employee...more

New FTC Data Breach Response Guidelines

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

Lessons from Adobe’s State AG Data Breach Settlement

Last month, several state Attorneys General announced a $1M settlement with Adobe Systems, Inc. in connection with a 2013 data incident involving the personal information of roughly 534,000 consumers. The 15 Attorneys General...more

989 Results
|
View per page
Page: of 40
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×