Continuing the trend of filing a shareholders derivative suit following a data breach, a Wendy’s shareholder recently filed a derivative suit against Wendy’s executives and board members alleging they did not adequately...more
12/27/2016
/ Credit Cards ,
Data Breach ,
Derivative Suit ,
Fast-Food Industry ,
Hackers ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Popular ,
Restaurant Industry ,
Shareholder Litigation ,
Shareholders ,
Third-Party Service Provider ,
Wendy's
We have repeatedly reiterated numerous warnings to the healthcare industry about malware and ransomware [see related posts here and here]. Our predictions have unfortunately become true, as November was the worst month ever...more
2016 has been a banner year for ransomware cybercriminals. We have seen a dramatic rise in the use of ransomware, and businesses continue to become victims to ransomware, primarily through phishing and spear phishing schemes....more
We have previously warned consumers about IRS phone scams that defraud consumers.
Basically, the fraudsters call unsuspecting victims over the telephone impersonating an IRS official, and intimidate the recipient of the...more
For arguably the first time, a law firm, Johnson & Bell, has been sued by Edelman PC for lax data security practices that allegedly put client data at risk....more
Whenever fact sheets or other guidance is issued by either the Office of the National Coordinator for Health Information Technology (ONC) or the Office for Civil Rights (OCR), it helps gain insight into the thinking of the...more
Quest Diagnostics, which operates medical laboratories, has announced that 34,000 customer records were exposed during a hacking incident that occurred on November 26th. The hacker obtained access to the information through...more
The tally of records breached in 2016 (through November) globally was over 2.1 billion, according to IT Governance. With the announcement yesterday of Yahoo’s breach of another 1 billion records, that tally is now up to 3.1...more
12/16/2016
/ Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Email ,
Hackers ,
Personally Identifiable Information ,
PHI
We have previously reported on the Ashley Madison data breach and subsequent litigation. On December 14th, Ashley Madison announced that it has agreed to pay $1.6 million and implement additional security measures to settle...more
12/15/2016
/ Adultery ,
Ashley Madison ,
Attorney General ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Dating Services ,
Federal Trade Commission (FTC) ,
Hackers ,
Internet ,
Marriage ,
Online Platforms ,
Personally Identifiable Information ,
Settlement ,
Spouses ,
Websites
Yahoo Inc. announced on December 14th that hackers stole the personal information of more than one billion users, which is in addition to the 500 million accounts compromised that was announced in September....more
12/15/2016
/ Acquisitions ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Email ,
Hackers ,
Passwords ,
Personally Identifiable Information ,
Verizon ,
Yahoo!
There are reports of a java keylogger that is able to copy and forward credit card details from online checkout forms that are used on shopping websites. It has reportedly affected several dozen online shopping websites that...more
The U.S. Navy has revealed that it has been notified by one of its vendors that a laptop of the contractor was the source of a data breach that compromised the names and Social Security numbers of 134,386 current and former...more
The Office for Civil Rights (OCR) has announced that the University of Massachusetts Amherst (UMass) has agreed to settle an investigation against it as a result of a malware infection for $650,000, along with implementing a...more
12/5/2016
/ Business Associates ,
Corrective Actions ,
Covered Entities ,
Cyber Attacks ,
Data Breach ,
Educational Institutions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach ,
Malware ,
OCR ,
Personally Identifiable Information ,
PHI ,
Settlement ,
Universities
Madison Square Garden has announced that it has suffered a year-long data breach of debit and credit cards used at concession stands at Madison Square Garden, the Theater at Madison Square Garden, Radio City Music Hall, ...more
On November 28, 2016, the Office for Civil Rights (OCR) issued an Alert to its listservs that a phishing email is being circulated on “mock HHS Departmental letterhead under the signature of OCR”s Director, Jocelyn Samuels”...more
12/2/2016
/ Business Associates ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Email ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Audits ,
OCR ,
PHI ,
Phishing Scams
In the ongoing saga of Facebook’s challenge of the Illinois Biometric Law, it declared last week that the Illinois law violates the United State Constitution.
According to Facebook’s Answer in a suit filed against it in...more
A Lincoln Financial Group subsidiary has agreed to accept a $650,000 fine levied against it by the Financial Industry Regulatory Authority (FINRA) and to implement more robust security controls for a 2012 hacking that...more
Security researcher Samy Kamkar has announced that a new hacking tool—PoisonTap—can be loaded onto a USB stick and used to hijack the Internet connection of one’s computer....more
A new IBM/Ponemon Study released late last week, 2016 Cyber Resilient Organization, reveals that only 32 percent of IT and security professionals believe that their organization has a “high” level of cyber resilience....more
The National Institute of Standards and Technology (NIST) recently released guidance for the makers of devices that use or are connected to the Internet to build robust security measures into the design of products from the...more
In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more
11/21/2016
/ Authentication ,
Business Associates ,
Covered Entities ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
OCR ,
PHI ,
Risk Assessment ,
Risk Management
The U.S. Equal Employment Opportunity Commission (EEOC) recently announced that it has entered into a settlement with BNV Home Care Agency, Inc. (BNV) for $125,000 for violations of the Genetic Information Non-Discrimination...more
The New York Times reported last week that “hundreds of fake retail and product apps have popped up in Apple’s App Store in recent weeks”—just in time to deceive holiday shoppers....more
11/18/2016
/ Advertising ,
Apple ,
Cyber Crimes ,
Holidays ,
Mobile Ad Networks ,
Mobile Apps ,
Mobile Devices ,
Online Advertisements ,
Ransomware ,
Retail Market ,
Smartphones ,
Technology ,
Websites
We often hear from small businesses that they do not believe they can be a “target” of hackers, or that they are at risk of a cyber intrusion. This thought is naïve as small businesses are at risk of cyber intrusions, and due...more
The National Institute of Standards and Technology (NIST) has teamed up with the United States Coast Guard(USCG) and private industry to issue a new cybersecurity document that will assist the maritime industry in securing...more
11/17/2016
/ Coast Guard ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Hazardous Substances ,
Maritime Transport ,
NIST ,
Ports ,
Risk Management ,
Shipping ,
Supply Chain