Latest Publications

Share:

The DFS Effect: Cyber Meets Sarbanes Oxley

Financial institutions with ties to New York spent their Valentine’s Day learning how to use the New York State Department of Financial Services (DFS) web portal....more

Education Department Toughens Tone on Cyber and Threatens to Pull Funding for Non-Compliance

Recently-issued guidance from the U.S. Department of Education (ED) threatens to “yank” Title IV funding for post-secondary institutions lacking appropriate data security safeguards....more

“Legally Reprehensible”: Senate Chastises Uber’s Conduct in 2016 Data Breach

On Tuesday, a Senate subcommittee grilled Uber’s Chief Information Security Officer, John Flynn, over a 2016 data breach that affected nearly 57 million drivers and riders. At the hearing, Uber faced backlash from lawmakers...more

U.S. Supreme Court Watch: Whether to Resolve Circuit Split on Standing for Data Breach Plaintiffs

At its first conference this month, the U.S. Supreme Court will consider whether to weigh in on a Circuit split over standing to sue in the aftermath of a data breach. ...more

Insurers: Are You Ready for More Cybersecurity Regulation? The National Association of Insurance Commissioners Model Law

At the end of last year, the National Association of Insurance Commissioners (NAIC) adopted an Insurance Data Security Model Law. The “purpose and intent” of the law is to “establish[] standards for data security and...more

DFS Filing “Reminder” as Deadline Looms

For the several thousand financial institutions and insurance companies covered by New York’s landmark data security regulation, the first certification of compliance must be filed with the State’s Department of Financial...more

Excellus Court Reverses Prior Decision: Risk of Future Identity Theft Suffices to Convey Standing in Data Breach Case

A federal judge in New York has reinstated claims brought against a healthcare provider by customers whose personal information was exposed in the 2015 data breach of Excellus BlueCross Blue Shield. The breach affected the...more

A Teachable Moment: Hospital Goes Public after Making Ransom Payment

It’s unusual for victims of ransomware to publicly acknowledge that they have paid hackers to go away. But a regional hospital in Indiana has made public its experience last week with a “sophisticated criminal group” as a...more

Countdown to the First Annual New York DFS Cyber Regulation Certification

On February 15th, organizations subject to the New York Department of Financial Services Cybersecurity Regulation are required to submit their first annual certification attesting to their compliance with the state’s new data...more

Federal Appeals Court Slams Data Breach Privilege Claim

In the most recent object lesson in a data breach privilege case, a federal appeals court has ordered a Michigan-based mortgage lender to turn over privileged forensic investigatory documents after the investigator’s...more

Google Puts Its SCA Warrant Appeal on Hold as High Court Prepares to Hear Microsoft Case

The fight over the privacy of electronic communications and the government’s ability to reach emails stored abroad in criminal investigations has finally moved to the U.S. Supreme Court. ...more

Equifax Must Turn Over NY Breach Data This Week

New York State regulators won’t be letting Equifax, Inc. off-the-hook any time soon for last year’s massive data breach that affected more than 145 million Americans....more

New York Launches Mid-Term Election Cyber Initiative

Cybersecurity will remain at the top of New York State’s regulatory agenda this year. In his annual State of the State address last week, New York Governor Andrew M. Cuomo called for new measures to defend against...more

In the Cloud: DOJ Issues New Guidance for Collecting Stored Data

The Justice Department is changing its approach to collecting data stored in the cloud. That’s the upshot of new DOJ guidance for criminal investigations issued late last month. The guidance, from the DOJ’s Computer Crime...more

Banner Health Class Action Claims Survive Motion to Dismiss

Wednesday, a federal district court in Arizona denied in part and granted in part Banner Health’s motion to dismiss class action claims arising from a 2016 data breach. ...more

Beyond the Campus Gates: Cyber Tops Risks for 2018

It’s no secret that cybersecurity concerns are a daunting challenge for higher education with their sprawling networks and databases. But industry leaders are predicting that data security will be one of the most serious...more

LabMD Appeal Has Privacy World Waiting

It is the case that could define the scope of the U.S. Federal Trade Commission’s authority in data security. The U.S. Court of Appeals for the Eleventh Circuit heard argument six months ago in LabMD, Inc. v. Federal Trade...more

Avatars, Facial Scans & Virtual Basketball: Second Circuit Tosses Biometric Privacy Case

A recent federal appellate ruling delivered a significant blow to invasion of privacy claims based on facial recognition technology used to scan users’ faces that are then put on their personalized players “in-game,” allowing...more

Inside the Stanford Breach: Exposed Records Lead to Financial Aid Scandal

A cybersecurity vulnerability at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations and disciplinary actions. The story of what happened—and why it should be an object...more

LA City Attorney Jumps Into Uber Fray

A complaint filed Monday by Los Angeles City Attorney Mike Feuer accuses Uber Technologies Inc. of violating California law by concealing “for an entire year” a data breach that exposed the names and license numbers of...more

Inside the Stanford Breach: Sexual Assault, Disciplinary and Financial Data Exposed

A series of cybersecurity vulnerabilities at Stanford University exposed thousands of sensitive files containing details of sexual assault investigations, disciplinary actions and more. The details of what happened—and why it...more

Payment or Pillory: More Fallout from Uber’s Data Breach

With new developments regarding Uber Technologies Inc.’s 2016 data breach coming out almost daily, lawsuits against the company continue to pile-up. We previously reported that within days of Uber disclosing the data theft...more

Uber Breach

Uber Technologies, Inc., the latest victim of a high-profile data theft, is taking heat for its handling of the 2016 incident – first disclosed last week – in which account information for 57 million riders worldwide was...more

Part Two: In-Depth Look at New York’s New Data Security Bill

Second in a two-part series. Last week, in the first part of this series, we examined several key aspects of New York’s proposed data security law, Stop Hacks and Improve Data Security Act or SHIELD Act. In our second and...more

148 Results
/
View per page
Page: of 6

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.