Report on Patient Privacy 20, no. 2 (February 2020) - A ruling from Georgia’s highest state court could set a precedent that determines recourse for victims of cyberattacks. The Georgia Supreme Court ruled in late December...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
A point of sale vendor for at least three cannabis dispensaries in the United States exposed the personal data of at least 30,000 cannabis users, including full names, photo IDs, dates of birth, telephone numbers, home...more
The predictions set forth in Experian’s Seventh Annual Data Breach Industry Forecast make sense and are worth a read. We are starting to see these types of intrusions and scams, and our experience is that once these types of...more
Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain...more
In February 2014 the U.S. National Institute of Standards in Technology (‘NIST’) published the ?rst NIST Cybersecurity Framework, responding to an Executive Order on improving critical infrastructure cybersecurity issued by...more
A lawyer’s nightmare: retailer Brooks Brothers announced late last week that it has become the newest retailer to suffer a payment card data breach. According to Brooks Brothers, which is calling it a “data incident”,...more
In the latest decision on Article III standing in a data breach case, the U.S. Court of Appeals for the Second Circuit ruled that a credit card holder – who neither pleaded specific facts about the time or effort spent...more
New filings in the consolidated Home Depot data breach litigation, which we have previously covered on this blog, indicate that Home Depot and the remaining financial institution plaintiffs have reached a settlement. ...more
The Eighth Circuit Court of Appeals has remanded a $10 million settlement in the Target data breach class action on the grounds that the district court had not rigorously analyzed the propriety of the class certification. ...more
Lightspeed, a retail point-of-sale company that provides cloud-based services to 38,000 clients, has reported that its central database, which stores client information on sales, products, encrypted passwords, and in some...more
Eddie Bauer announced on August 18th that it is the latest retailer who has become a victim of a “sophisticated” cyber intrusion that has compromised all of the cash registers in the 350 Eddie Bauer stores throughout the U.S....more
KrebsonSecurity has reported that the Russian organized cybercrime group dubbed the Carbanak Gang, which in the past has been suspected of stealing more than $1 billion from banks, retailers and hotels and restaurants...more
Two recent data breach incidents in the healthcare industry prove what readers of this blog have heard all too often: KNOW THY VENDORS....more
Phoenix, Arizona, based Banner Health (Banner), reportedly one of the largest health care organizations in the country, began notifying up to 3.7 million patients this week of a data breach of its computer systems that...more
Kimpton Hotels and Restaurants has announced that it is investigating a point-of-sale credit and debit card breach affecting approximately two dozen of its properties in the U.S....more
Omni Hotels notified guests on Friday, July 8, 2016, that its point of sale systems were compromised with malware from December 23, 2015, through June 15, 2016....more
According to Noodles & Company (“Noodles”), it received information from Visa that Visa cards used by customers at its fast-food chains since January have “possibly” been compromised. It is presently investigating unusual...more
Diners who used credit and debit cards at the Tennessee based O’Charley’s restaurants between March 18, 2016, and April 8, 2016, were notified by O’Charley’s of a data breach that affected its point of sale systems. Consumers...more
Trump Hotel Collection, the high-end hotel chain owned by the billionaire Republican presidential hopeful and real estate developer Donald Trump, has confirmed a data security breach involving malware that the company says...more
It has been reported that Hilton Hotel Properties (Hilton), including Embassy Suites, Doubletree, Hampton Inn and Suites and Waldorf Astoria is investigating credit card fraud alerts from banks, which have been alerted by...more
The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems. The Alert...more
As April comes to a close, it’s time once again for Verizon Enterprise Solutions’ Data Breach Investigations Report to remind us just how important data security is to the corporate world. Released Wednesday, the report,...more