Data Breach

News & Analysis as of

Draft Kings Class Action Argues Data Leak Revealed “Insider Trading” – But Can Case Survive Arbitration Clause?

Draft Kings and Fan Duel, competing daily fantasy sports (DFS) sites, have been vying for attention by flooding the airwaves with a reported 60,000 commercials this year. However, a recent data leak has resulted in less...more

California Amends Its Breach Notification Statute

For the third time in as many years, California has once again amended its breach notification statute. This time it expanded the definition of “personal information,” clarified the term “encryption,” and mandated additional...more

California Passes Four Bills Amending Breach Notification Law and Requiring Warrant to Access Digital Data

Last week was a big one for California’s privacy regime. In a landmark move, Governor Jerry Brown signed into law four bills further protecting Californians’ privacy rights: three strengthen the state’s data breach...more

“My, what beautiful eyes you have . . .” – Biometric Data and Privacy

Biometric data – obviously not in just the movies anymore. It is alive, well, and increasingly being used in our everyday society. But, on September 23, 2015, when the Office of Personnel Management revealed that fingerprint...more

Three Privacy Policies Every Company Should Have in 2016

As we have reached the 4th quarter of 2015, many companies are actively planning for the next calendar year. In the last 12 months, privacy law has become a “front burner” issue for many companies....more

California Updates Data Breach Notification Statute; Provides Model Notification Form

On October 6, California Governor Jerry Brown signed into law two different updates to California’s data breach notification statute. Both updates will become effective on January 1, 2016....more

School Districts to Undergo Cybersecurity Audit

Missouri Auditor Nicole Galloway recently announced plans to conduct cybersecurity audits of five school districts. Coinciding with National Cybersecurity Awareness Month, the audits are intended to reveal how school...more

Data Breaches Are Not Academic: Colleges and Universities Should Take Appropriate Steps To Avoid or at Least Minimize Their...

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as...more

AT&T issues “What every CEO Needs to Know About Cybersecurity”

We have reported before how CEOs, GCs and Boards are struggling with understanding and responding to cybersecurity risks within their organizations....more

California Amends Definition of Personal Identifiable Information and Breach Notification Content Requirements

On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more

New PCI Guidance Provides Businesses With Security Incident Response Assistance

A security event involving payment card data, especially card present data, can be one of the most costly events a company may face. Not only did a recent study report the average total cost of a data breach as $3.8 million,...more

VA OIG reports patient data at risk with vendor

The Department of Veterans Affairs’ Office of Inspector General recently issued a report, following a complaint that the VA Palo Alto Health Care System put veterans’ health information at risk when it allowed personnel of a...more

Privacy Tip #4—What do I do when I get a letter informing me of a data breach?

We’ve all gotten them–the dreaded letter that informs us that our data has been compromised, including our Social Security number. Some have received so many of these “notifications” that they are de-sensitized, throw their...more

New challenges created by China’s new draft cybersecurity law

In July 2015, China released its new draft cybersecurity law (the ‘Law’), which will potentially have far-reaching consequences for network operators and companies doing business in China....more

6,400 American Bankers Association members’ usernames and passwords compromised

Late last week, the American Bankers Association disclosed that its computer systems had been compromised exposing thousands of members’ personal information. The hacking occurred through its website’s shopping cart tool,...more

OIG report spurs OCR to announce phase 2 audits

On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more

Scottrade announces data breach affecting 4.6M customers

Scottrade, a retail brokerage firm, announced late last week that it suffered an intrusion by cyber hackers who stole client contact information of 4.6 million customers. The intrusion occurred between late 2013 and early...more

Investment Adviser Settles SEC Cybersecurity Enforcement Action; SEC Issues Investor Alert

On September 22, the U.S. Securities and Exchange Commission (“SEC”) and R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”), a St. Louis-based investment adviser, settled charges that R.T. Jones failed to adopt...more

Strike Suit Offers Conjectures, And Little More, About Scottrade Data Breach

As reported on Friday in the Krebs on Security blog, online broker Scottrade had sent an e-mail to customers earlier that day stating that it recently had learned from law enforcement officials that Scottrade was one of a...more

Court Grants Standing Against Coca-Cola Employer for Breach of Employee Information

The decision does not change the law on what is necessary to prove standing, although it does reinforce the notion that a plaintiff will have standing if he or she can allege a concrete injury. In the latest in a slew of...more

SEC Brings First Cybersecurity Enforcement Proceeding in Wake of Risk Alert

Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more

The SEC Opens Up a New Front in the Cybersecurity Wars

For the last few years, the SEC has been issuing guidance as to appropriate cybersecurity policies and procedures for financial firms. In a move that signal’s the regulator’s willingness to put muscle into its cybersecurity...more

EXPECT FOCUS: Onboard Technology, NAIC Cybersecurity, DOL, ACA Litigation, SEC Regulation (Vol. III, Summer 2015)

In This Issue: IN THE SPOTLIGHT - - Your Data Breach Collided With My Personal Injury Coverage LIFE INSURANCE - - Phantom Injury Dooms “Shadow Insurance” Case - Latest NAIC Cybersecurity News - A...more

SEC Fines Investment Firm $75,000 for Failing to Adopt Written Cybersecurity Policies and Procedures

Investment firm R.T. Jones Capital Equities Management (R.T. Jones) has agreed to settle with the Securities and Exchange Commission (SEC) and pay a $75,000 penalty over charges that it failed to adopt written policies and...more

Hacked Investment Advisor Fined $75,000 for Lack of Cyber-Security Measures

Many in the investment advisory community are following the story of R.T. Jones Capital Equities Management, an investment advisor that, according to the Securities and Exchange Commission (SEC), suffered a hack exposing the...more

1,711 Results
View per page
Page: of 69

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.