Alliance Ground International is the latest company to be sued for allegedly violating the Illinois Biometric Information Privacy Act (BIPA) for collecting and storing its employees’ fingerprints without their consent....more
10/23/2017
/ Airlines ,
Aviation Industry ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Damages ,
Data Collection ,
Data Privacy ,
Data Security ,
Employer Liability Issues ,
Employment Litigation ,
Fingerprints ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Prior Express Consent ,
Transporation Authories
DNV GL recently issued a new globally applicable recommended practice (DNLVGL-RP-G108) to assist oil and gas operators, system integrators and managers, and vendors in the offshore industry to manage increasing cybersecurity...more
9/26/2017
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Energy Sector ,
Hackers ,
Malware ,
New Guidance ,
Oil & Gas ,
Popular ,
Ransomware ,
Risk Management
Forty-eight states have enacted data breach notification laws, and they frequently are amended and updated. The most recent state to update its law is Delaware.
...more
I feel like I have been writing about Passwords over and over and that’s because I have. Despite hearing about how important passwords are over and over again, compromised passwords continues to be an issue for organizations....more
We previously outlined the requirements of the Connecticut data breach law when it was amended in 2015, including the requirement to implement a comprehensive information security program (CISP)....more
Last January, the Federal Trade Commission (FTC) launched the IoT Home Inspector Challenge, a contest that requested participants to come up with a tool that would identify security issues that are caused by out-of-date...more
I have lamented repeatedly that we have a dearth of cyber talent in the U.S. to meet the needs of employers. Many of our clients recruit talent from other countries in order to meet their cyber needs. The need continues to...more
As you head to the beach or hammock for a bit of R+R this summer, here is one that you might want on the reading list.
The Electronic Frontier Foundation (EFF) has been publishing a report entitled “Who Has Your Back”...more
It’s scary to think about, but anything that is online is hackable. Including critical infrastructure like nuclear power plants.
It has been reported that U.S. authorities are investigating a cyber intrusion that has hit...more
Last week, the Department of Health and Human Services (HHS) issued its “Report on Improving Cybersecurity in the Health Care Industry,” which is the culmination of a year-long effort on behalf of the Cybersecurity Task...more
If you have a daughter in K-12 who is in the Girl Scouts, check out the fact that they can now earn cybersecurity badges if they demonstrate a mastery of Internet security. Brilliant! What a great way to get girls interested...more
The Association of Corporate Counsel (ACC) has issued its first-ever data security guidelines, which outline basic data security measures that in-house counsel can use to evaluate their outside counsel....more
As we previously reported, Arby’s was hit with malware that infected over 1,000 of its fast food locations throughout the U.S. between October 25, 2016, and January 19, 2017, and was hit with multiple class action suits over...more
What a great idea!
Trusty Consumer Reports has announced that it is collaborating with three cybersecurity firms to “create a new standard that safeguards consumers’ security and privacy—and we hope industry will use...more
We previously reported that Wendy’s was hit with a putative class action shareholders’ derivative suit in December following its data breach in 2016. Late last week, the executives and Board of Wendy’s filed a Motion to...more
3/20/2017
/ Data Breach ,
Data Security ,
Debit and Credit Card Transactions ,
Derivative Suit ,
Fast-Food Industry ,
Hackers ,
Malware ,
Motion to Dismiss ,
Point of Sale Terminals ,
Restaurant Industry ,
Shareholder Litigation ,
Wendy's
Security researchers have discovered that an unsecured backup drive has compromised thousands of U.S. Air Force documents, including personnel files and sensitive forms filled out by senior and high-ranking officials. These...more
Arby’s has announced that its point-of-sale system had been compromised by intruders over a four month period between October of 2016 and January of 2017, exposing the credit and debit card information of 355,000 customers....more
Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent,...more
Arby’s has announced that it is investigating its payment card systems after Brian Krebs first reported the incident.
According to reports, malware placed on Arby restaurants’ payment card systems allowed attackers to...more
The developers of two NBA video games were successful this week in getting a putative class action alleging violations of the Illinois Biometrics law dismissed....more
2/6/2017
/ Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Data Privacy ,
Data Security ,
Dismissals ,
Facial Recognition Technology ,
NBA ,
Personal Data ,
Sports ,
Video Games
FM Global and CFO Research Services have partnered together and recently issued a study titled “Finance’s Role in Operational Risk Management: CFO Research on Building a Resilient Company.”
...more
The National Institute of Standards and Technology (NIST) has issued an update to its Framework for Improving Critical Infrastructure Cybersecurity, which includes information relating to managing supply chain risks,...more
A Tennessee federal judge has approved a proposed settlement of up to $1.9 million to be paid by Mapco Express to individuals affected by a payment card data breach that occurred in 2013.
Two banks alleged that Mapco...more
Military personnel continue to be victimized by data breaches. This time, the personal information of healthcare workers employed by Potomac Healthcare Solutions (Potomac), who work for a U.S. Special Operations Command were...more
1/16/2017
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Healthcare ,
Marine Corps ,
Military Service Members ,
Personally Identifiable Information ,
Third-Party Service Provider ,
U.S. Navy ,
US Air Force
The No More Ransom Project, a coalition of security companies and law enforcement, which was launched through a partnership with the European Cybercrime Centre, the National High Tech Crime Unit of the Netherlands police,...more