Data Breach

News & Analysis as of

Privacy & Cybersecurity Update - May 2015

In This Issue: - Second Circuit Rules Patriot Act Does Not Authorize Bulk Metadata Collection; Congress Reconsiders Certain Patriot Act Authorities - SEC Issues Cybersecurity Guidance for Investment Companies...more

Protecting Directors and Officers From Derivative Liability Arising From Data Breaches

With data breaches affecting companies across virtually every industry, cyber security has remained front page news. Lawsuits brought by aggrieved consumers and financial institutions against companies that have suffered data...more

How to Avoid Choosing the Wrong Cybersecurity Firm

Although the inherent nature of cybersecurity radiates urgency, businesses should not let this characteristic dictate the vendor selection process....more

A Deeper Dive: Regulatory Investigations Following a Reported Breach

In our inaugural Data Security Incident Response Report (the Report), we found that regulators inquired about a company’s breach 31% of the time and multi-state state Attorneys General investigations were launched less than...more

Target Proposed $19 Million Data Breach Settlement Falters As Banks Push Back

Banks have stymied an out-of-court settlement reached between Target Corp. and MasterCard in the multi-district litigation over Target’s massive data breach during the 2013 holiday season. MasterCard, who has estimated that...more

Four Security Gaps Cybercriminals Exploit in Your Business's Digital Storefront

Symantec, the American IT security company, recently released its 2015 Internet Security Threat Report that summarizes the number and types of threats and vulnerabilities seen in 2014. The report also analyzes trends and...more

Connecticut High Court Weighs in on CGL Coverage for Data Breach

In a highly anticipated May 26th decision, the Connecticut Supreme Court ruled that two CGL insurers, Federal Insurance Company and Scottsdale Insurance Company, are not required to cover losses in connection with the...more

Inside Insight: How the FTC Approaches Data Breach Investigations

A data breach hurts in a myriad of ways – the tarnished image of the breached company, the diminished consumer trust, and the bottom-line impact of remedial costs and lost business. The last thing a company already reeling...more

FINRA settles data breach enforcement action

The Financial Industry Regulatory Authority (FINRA) agreed to settle its enforcement action with Sterne Agee & Leach, Inc. (Sterne) this week for $225,000. The enforcement action followed the loss of an unencrypted laptop by...more

Damage Control: After an Insider Breach

In the immediate aftermath of a major security or data breach companies should re-evaluate their risk management systems. In a previous post on insider threats, we outline what a company can do to prevent risks associated...more

Nevada and North Dakota amend state breach notification laws

Nevada has amended its breach notification law, effective July 1, 2015, to include a medical or health insurance identification number and a user name, unique identifier, or e-mail address in combination with a password or...more

Adult FriendFinder confirms data breach of its users’ personal information

On May 22, 2015, an online dating service called Adult FriendFinder confirmed that there had been a data breach of some of its 64 million users’ personal information. In an online notice to its users, Adult FriendFinder said...more

Cyber Information Sharing: Legislation Roundup

With an increasing number of high-profile data breaches in the news, both the U.S. Senate and the House of Representatives have pushed forward on several data security and privacy bills. In the recent months, lawmakers have...more

Data Breach Increases Show Importance of Data Security Compliance in Business Sector

Data breaches have seen a lot of media attention in the past year, but that should come as no surprise since 2014 was a record year for them. According to a report by the Identity Theft Resource Center, there were 783 tracked...more

Roadmap Offers Important Insights on How to Prepare for FTC Data Breach Investigations

On May 20, 2015, Federal Trade Commission Assistant Director Mark Eichorn of the Bureau of Consumer Protection’s Division of Privacy and Identity Protection (DPIP) offered an inside look into the FTC’s investigative process...more

With the IRS breach, it’s clear your data is at risk

The Internal Revenue Service (IRS) released on Tuesday, May 26, 2015, news of a major data breach, estimated to have affected 100,000 U.S. households’ tax returns. The data was wrongfully obtained from an IRS application...more

IRS Data Breach Results in Thousands of Fraudulent Tax Returns

On Tuesday, May 26th, 2015, the IRS disclosed that a data breach of its online Get Transcript application occurred when sophisticated hackers attempted to access over 200,000 personal tax accounts. More importantly, however,...more

Healthcare Organizations not Immune from Criminal Attacks on Sensitive Information

This month, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data and its findings are generating a good deal of attention. In the past, the Study has found that most data...more

Nevada Expands PI Definition under Data Breach Law

Becomes the fifth state to amend its data breach statute since January 2015 The definition of “personal information” (“PI”) just got a little bit bigger in the Silver State. On May 13, Nevada Governor Brian Sandoval signed...more

A Year in Review: Key HIPAA Settlement Agreements by HHS’s Office for Civil Rights

The U.S. Department of Health and Human Services Office for Civil Rights had another busy year in 2014. More resolution agreements were signed by HHS and Covered Entities than in the previous year, and several Covered...more

IRS Website Breached

The IRS announced yesterday that criminals had used the “get transcript” application on its website to gain access to the tax information of approximately 100,000 taxpayers. The IRS has temporarily shutdown this application...more

FTC says self-reporting is likely to result in more favorable resolution

Last week, the FTC encouraged companies to self-report data breaches with the promise of more likely favorable treatment. The statement comes in a blog post, authored by Mark Eichorn, an Assistant Director in the FTC Bureau...more

Connecticut Supreme Court’s Insurer-Friendly Decision on Data Breach Incident

On January 27, 2014, the Sedgwick Insurance Law Blog posted the following summary entitled, “ Highway Data Dump – Who are You Going to Call to Recover $6 Million?,” addressing the appellate decision in Recall Total Info....more

Spokeo v. Robins: The Case That Has Silicon Valley Buzzing, Even Though Plaintiffs Likely Don’t Have a Leg To “Stand” On

On April 27, 2015, the United States Supreme Court granted certiorari in Spokeo v. Robins and will soon decide whether a plaintiff must allege more than just the bare violation of a federal statute in order to invoke Article...more

Failure to Obtain Required Retailer Approval Scuttles Target-MasterCard Data Breach Settlement

Target’s attempt to resolve claims of MasterCard-issuing banks through a $19 million private settlement with MasterCard has been terminated for failure of issuers of 90% of the affected cards to accept the settlement by the...more

1,204 Results
|
View per page
Page: of 49

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×