News & Analysis as of

Data Breach Litigation – A New Wave of Class Actions by Financial Institutions

Rarely does a day go by without news of a data security breach. According to the Identify Theft Resource Center, there have been a total of 447 data breaches to date this year, which represents a 20.5% increase over the same...more

From Russia With Love: ‘Do svidaniya’ Peace Of Mind, Hello Information Security Training

So, this is rather embarrassing to admit, but I am one of those people that knows exactly what to do when your personal information is stolen. It’s not embarrassing that I know what to do. It’s embarrassing why I know what to...more

FTC Uses Its "Unfair Acts" Power to Go After PHI Security Breach

The Federal Trade Commission (FTC) is moving forward with an administrative action against a small medical laboratory that suffered two data security breaches, resulting in its patients’ protected health information falling...more

It’s Like Déjà Vu All Over Again: Yogi Berra On Information Security

It is Spring again, and the national pastime is in full swing. This year Spring also brought knowledge of the Heartbleed Bug – another threat to the security of information stored and transmitted online. And just as baseball...more

SEC Cybersecurity Initiative: Five Steps ALL Broker-Dealers and Investment Advisers Should be Taking

Last week, the U.S. Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert announcing its Cybersecurity Initiative....more

Federal Reserve Board Proposes To Repeal Duplicative Regulations Amend Identity Theft Red Flags Rule

On February 12, the Federal Reserve Board proposed to repeal its Regulation DD, which implements the TISA, and Regulation P, which implements Section 504 of the GLBA because the Dodd-Frank Act transferred rulemaking authority...more

On the 11th Day of Privacy, class counsel served on me……

. . . a data breach class action. Hackers and plaintiffs’ lawyers could combine to make 2014 the year when class actions concerning theft of sensitive information proliferate. On this 11th Day of Privacy, we look...more

California Data Breach Notification Laws Expand to Include Login Information

On Friday, September 27, California governor Jerry Brown signed a bill, S.B. 46, which increases the online protection of potential identity theft for Californians by requiring companies to give notice when a California...more

Encryption is Key to Limiting Company Exposure for Data Security Breaches

Companies doing business in California may find themselves targeted for investigation if they fail to encrypt personal information, according to a recent report issued by the California Attorney General’s office. ...more

SEC and CFTC Issue Identity Theft Rules

Today, April 19, 2013, the Securities and Exchange Commission (“SEC”) and the Commodity Futures Trading Commission (“CFTC”) published in the Federal Register rules and guidelines requiring their respective regulated financial...more

APT Threat Report Shows Cybersecurity Risks Not Limited to Identity Theft

We often talk to companies who believe they are an unlikely target for hackers because they do not have financial account information, Social Security numbers, or medical information. However, personal information is not the...more

Maryland Cybersecurity-Related Legislative Developments

The Maryland State Senate is considering several cybersecurity-related bills to advance the state’s efforts to be the epicenter for cybersecurity. Maryland has already enacted several measures to foster cybersecurity...more

CSBS Joins With Federal Authorities To Combat Corporate Account Takeover

On December 7, the Conference of State Bank Supervisors announced a joint effort with the U.S. Secret Service (Secret Service) and the Financial Services-Information Sharing and Analysis Center (FS-ISAC) to assist financial...more

13 Results
|
View per page
Page: of 1