News & Analysis as of

Back -to- School 2014

In mid-August Jewel-Osco announced that its computers, containing credit and debit card information, had suffered an “unlawful intrusion”. They are but the latest retailer to do so with the list that now includes CVS, Home...more

Information Security Training Master Class: Winning the Battle Against Data Breaches, Malicious and Negligent Employees, and...

Disclaimer: I am a crazy person. I read over 50 articles before I wrote this (WHO DOES THAT) and I’m not even sure how I got so sucked in. In short, information security is a big deal right now – and there are tons of ways to...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

To Speak Or Not To Speak About A Data Breach

I recently posted about some companies making the decision to not announce when a data security breach has occurred, or at least they would think twice before announcing. According a couple crisis communication experts, that...more

September 22, 2014: Quickly approaching deadline to amend business associate agreements

The HIPAA Omnibus Rule, enacted last year, made a number of changes to the HIPAA privacy, security and breach notification rules. Some of these changes affected business associate provisions of the HIPAA privacy and security...more

The Congress Ramps Up Action On Cybersecurity Legislation - Possibilities For Data Protection/Breach Legislation Still Exist

While not a day goes by without a new cybersecurity attack, the recent news of the Russian criminal gang who is alleged to have stolen over 1 billion user names and passwords as well as 500 million email addresses reinforces...more

Another day, another data breach…..DIYers, beware. This time it’s Home Depot.

It appears that the data breach victim of the week (perhaps of the year) is The Home Depot. Brian Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black...more

Lessons from the iCloud Celebrity Hack

The highly publicized hacking of the iCloud accounts of dozens of celebrities was disclosed over Labor Day weekend and has raised larger, more serious concerns regarding the security of personal and corporate data held in the...more

PREVENTING AND RESPONDING TO DATA BREACHES IN AN ERA OF CYBER INSECURITY [Video]

Rarely does a day pass without new news of a data breach of some company around the world. It has impacted virtually every industry from hospitality to retail. What should companies do to avoid being the next target of...more

Learning from Target: Insurance Coverage for Data Breaches

Cyber liability is a clear and present danger. Target Corp. recently reported at least $235 million as gross expenses related to its 2013 data breach. Fortunately, Target was able to recover $90 million of that loss under...more

Massive Online Security Breach – Are You Reactive or Proactive?

A few weeks ago, a Russian cyber gang amassed around 1.2 billion user name and password credentials belonging to more than 500 million email addresses. This may be to date the largest cache of stolen data. The cyber gang...more

Amendments to California’s security breach notification bill head to governor: key action points for businesses

In what has become almost an annual ritual, California is poised to tweak its security breach notice law. Last year, in language DLA Piper lawyers helped to draft on behalf of the State Privacy & Security Coalition, the...more

The Board of Directors and Cybersecurity: Setting up the Right Structure

Security breaches have become a staple of the daily news. A national restaurant chain announced in August 2014, that a payment card processing system breach involved 33 restaurants in 18 states and that the incident lasted...more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

Singapore's first data breach?

The Straits Times reported on 14 August that Singapore’s Personal Data Protection Commission (the “Commission”) is investigating a complaint from a user that Xiaomi has breached the Personal Data Protection Act 2012 (“PDPA”)....more

Russian Hackers Stockpile Over 1 Billion Internet Credentials: Industry Leaders Across All Sectors Likely Impacted

A Russian hacking group reportedly engaged in the largest known cyberattack by amassing over 1.2 billion unique sets of usernames and passwords and 500 million email addresses from more than 420,000 web and FTP sites. The...more

4.5 Million Patients’ Information Stolen by Hackers

Community Health Systems Inc. (“CHS”), a Tennessee-based hospital provider, has reported it was the target of data hackers who were able to obtain identification information belonging to approximately 4.5 million CHS...more

Reasonable Doubt: Data Privacy, Cybersecurity, and the FTC

Today’s cybersecurity environment demands that every business establish effective corporate data privacy and consumer information security systems and practices. But, unfortunately, no single cybersecurity law exits to...more

Community Health Systems' HIPAA Breach: Significant Lessons for Health Care and Non-Health Care Companies

On August 18, 2014, Community Health Systems, Inc. (CHS) publicly confirmed, in a filing with the Securities and Exchange Commission (CHS filing), that its computer network was attacked between April and June 2014 by hackers...more

Hospital Network Reports Large HIPAA Breach

Community Health Systems announced yesterday, August 18th, that hackers broke into its computers and stole data on 4.5 million patients. ...more

Bring Your Own Device Doesn't Mean Bring in Security Breach

Bring-Your-Own-Device (“BYOD”) policies have been picking up steam because of increased productivity, improved communications, and the need for employees to work remotely. However, when implementing any BYOD policy there are...more

PCI Council Issues Biz Tips to Reduce 3rd Party Security Risk

On August 7, 2014 the PCI Security Standards Council issued new guidance to supplement PCI DSS Requirement 3.0 and help organizations reduce the risks associated with entrusting third-party service providers (“TPSPs”) with...more

Data Breach Notification, Helpful or Harmful?

Some IT professionals are debating whether they would issue a data breach notification in the event of a hack. Their rationale is that such a notification makes them a target for other hackers and that most of the incidents...more

The Inevitable Cyber Break In: Are You Protected?

The prevalence of cyber data breach over the years has not only grown in number, but has also grown in size. Perhaps the most well-known example of a large-scale data breach is that suffered by Target Corp. occurring at the...more

Russian Crime Ring Possesses Mass Quantities of Stolen Online Information

With recent reports that a Russian crime ring may have stolen the largest collection of online data — including 1.2 billion username and password combinations—effective data security is more critical than ever for all...more

507 Results
|
View per page
Page: of 21