Heartbleed

News & Analysis as of

New OpenSSL Bug is More Heartburn than Heartbleed

Only three months after uncovering the Heartbleed bug, two new data security threats were discovered in the same OpenSSL software package used to encrypt the majority of web communications. Although not as dangerous as...more

Policyholder Observer

Encryption Flaw "Heartbleed" Creates Data Risk: How Insurance Can Stanch the Bleeding - In early April, news broke of an encryption flaw named “Heartbleed” that exposed companies to data breaches for over two and one...more

Privacy Tuesday: June 2014

Welcome to another week, and our Privacy Tuesday look at top issues. California Attorney General Puts the Focus on the Consumer - As we have discussed, the California Online Privacy Protection Act was amended,...more

Financial Services Report, Summer 2014

In This Issue: - Beltway Report - Bureau Report - Mobile Payments - Mortgage and Fair Lending Report - Operations Report - Preemption Report - Privacy Report - Arbitration Report - TCPA...more

Is the Password Finally Dead? Fernando Corbató Hopes So.

As noted in a recent article in the Wall Street Journal, although his impact on our daily lives arguably rivals that of Bill Gates, Mark Zuckerberg, and other giants in the computer industry, the name Fernando Corbató remains...more

It’s Like Déjà Vu All Over Again: Yogi Berra On Information Security

It is Spring again, and the national pastime is in full swing. This year Spring also brought knowledge of the Heartbleed Bug – another threat to the security of information stored and transmitted online. And just as baseball...more

Tips for Handling the Heartbleed Bug

Last month, the world learned of the discovery of the "Heartbleed" bug, a software glitch leaving approximately two-thirds of the world's Internet servers vulnerable to potential hackers. This revelation sent online service...more

Heartbleed: It’s 10 PM; Do You Know Where Your Data is?

The Heartbleed vulnerability is, by now, an item about which we have all assuredly heard a lot. To get caught up on your reading on the technology aspects of this issue, see the linked articles I have compiled in the ”To...more

Week in Review

The assault on internet security continues to fill news headlines this week. On the heels of the Heartbleed bug, Microsoft announced this week that a security vulnerability exists in all versions of Internet Explorer, with no...more

Privacy Tuesday

For the last Tuesday in April, we have a few privacy and security bits and bytes to start your week. Trending Now – 5 Things Every Company’s Data Security Program Should Include... ...more

The Heartbleed Bug's Impact on EHR Systems

As reported in the media, a serious vulnerability in the popular OpenSSL cryptographic software library, called the Heartbleed bug, was recently discovered. This vulnerability permits the theft of information, including...more

News from the Health Law Gurus™

Passwords Affected from Heartbleed – HealthCare.gov, the website for the federally-facilitated health insurance exchanges under the Affordable Care Act, reset user passwords in the aftermath of Heartbleed, a security flaw in...more

5 Things Every Company's Data Security Program Should Include

What's the one thing every company's data security program must include? That's the question we put recently to experts in the field, knowing that, especially after Heartbleed, the diversity of responses would create an...more

The Cybersecurity Race: Executive Branch Takes The Lead While Congress Watches From The Bleachers

The federal government sector has been abuzz lately with whispers and shouts about pending cybersecurity regulations, frameworks, and requirements. This attention is not particularly surprising, especially given the recent...more

Privacy & Security Bits and Bytes

There has been so much news swirling in the data privacy and security world in the last few days, that it has been difficult to keep up. We’ll give you a roundup here....more

FFIEC Advises Financial Institutions On “Heartbleed” Risks

On April 10, the FFIEC issued an alert advising financial institutions of risks associated with “Heartbleed”, a recently discovered material security vulnerability in a commonly used encryption method known as the OpenSSL...more

Heartbleed Won’t Bring Cardiac Arrest for Ediscovery

How do you stop a security professional’s heart from beating? Two words: security breach. In today’s “Internet of Everything” environment, the impact of a security breach can be felt around the world and back again…in...more

Heartbleed: What to do now

Hardly a day passes now without some new report of a security vulnerability with inevitable breaches that follow, but Monday’s news about the two-year old vulnerability in OpenSSL is (or should be) catching everyone’s...more

Privacy Tuesday – April 14, 2014: Heartbleed Headaches

Last week was certainly the “week of the Heartbleed.” Unless you have been on vacation on a remote island (and if so, good for you!), you have heard and read much about the latest mass bug to infect the Internet....more

With OpenSSL Compromised by Heartbleed, an Opportunity for Companies to Diversify Cyber Security Efforts

The recent discovery of the “Heartbleed” online bug has sent shockwaves through the internet, causing companies and individuals alike to question very basic assumptions about cyber security. The bug has allegedly existed for...more

Take Action to Stop the Bleeding: Follow These Steps

“Heartbleed” has been all over the news, and companies have been scrambling to respond. What sounds like a nasty medical condition is actually a recently discovered flaw in popular encryption software called OpenSSL. It has...more

Will Heartbleed Affect Data Breach Insurance Coverage?

Although it is a widespread exploit that has been undetected for two years, whether or not a CGL policy covers data breaches allowed by Heartbleed should turn, simply, on whether the policy covers data breach at all...more

Heartbleed Bug Creates Risk for Businesses and Consumers

On April 8, 2014, several news agencies, including the New York Times and CNN, reported the discovery of a vulnerability in a core security protocol used by an estimated two-thirds of the world’s servers. The vulnerability...more

“Heartbleed” Bug – Antibiotics Won’t Help, Changing Passwords Might

After recovering from high-profile data breaches at Target and Neiman Marcus, signing up for free credit monitoring and analyzing our credit reports, a new Internet villain recently emerged: the “Heartbleed Bug.” The...more

Heartbleed - A Picture Is Worth A Thousand Words

We mentioned in our prior post the potential legal issues that The Heartbleed Bug will create from the standpoint of data breach and safe harbor, especially given the prospect of compromised keys. A number of people, however,...more

29 Results
|
View per page
Page: of 2