The best way to find out if you have been the victim of identity theft and to determine what accounts may have been opened in your name by criminals is to get a copy of your credit report....more
States Consider Privacy and Data Security Legislation - It’s that time of year again, when we see a flood of legislative activity at the state level on privacy and data security laws. A couple of recent examples are below....more
With it being Halloween, October being National Cybersecurity Awareness Month, and 2019 drawing to an end, let’s take a look at the data privacy breaches giving compliance professionals a fright this year! ...more
The Office of the Privacy Commissioner of Canada (OPC)'s report, Personal Information Protection and Electronic Documents Act (PIPEDA) Report of Findings #2019-001, issued April 9, 2019, into the Equifax hack, created...more
What the FTC Wants, the FTC (Mostly) Gets - In recent weeks the Federal Trade Commission has been on a tear. As one example, on July 22 it announced a $700 million settlement with Equifax for “the 2017 data breach that...more
Amidst mounting pressure to pursue cybersecurity more aggressively, the Federal Trade Commission (“FTC”), the federal government’s most active enforcer in the space, has recently imposed increasingly stringent cybersecurity...more
IMPACT OF EQUIFAX, FACEBOOK SETTLEMENTS - Health care industry boards should give close attention to the governance implications of recent privacy settlements entered into by Equifax and Facebook. Their unique facts...more
New York continued its active legislative session last week, this time by expanding its data breach notification law. The SHIELD Act (Stop Hacks and Improve Electronic Data Security), signed by Governor Andrew Cuomo on July...more
Last week produced a spate of interesting and instructive privacy and data security enforcement activity. ...more
Today, the FTC announced that Equifax, Inc. will pay at least $575 million (and potentially up to $700 million) as part of a proposed global settlement with the Federal Trade Commission (FTC), the Consumer Financial...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
In the aftermath of Equifax’s data breach, a federal court recently found that allegations of poor cybersecurity coupled with misleading statements supported a proper cause of action. In its decision, the U.S. District Court...more
In a consent order with financial regulators from eight states, Equifax Inc. yesterday agreed to put in place a number of basic data security safeguards – apparently lacking until now – to prevent another massive breach....more
How much does a data breach cost? One independent study estimated that, on average, the cost to an organization of a data breach in the U.S. was $7.35 million in 2017. But recent financial disclosures from Equifax Inc. show...more
On its face, last week’s report that the number of data breaches reported last year to New York’s Attorney General spiked to an all-time high of 1,583 – up 23 percent from 2016 – was not good news....more
Cyber attacks continue to be a pervasive and destructive threat to all institutions and the legal and regulatory landscape currently in place to address those threats continues be reshaped in an effort to address those...more
Any entity that does business in these states or maintains confidential information of their residents should monitor the proposed data breach legislation discussed below: Oregon, New York, Alabama, and Rhode Island....more
Exclusive: U.S. Consumer Protection Official Puts Equifax Probe on Ice – Sources - On Monday, Reuters reported that, “Mick Mulvaney, head of the Consumer Financial Protection Bureau, has pulled back from a full-scale probe...more
The year 2017 saw the number of data breaches grow, and the trend is expected to continue and intensify. From Yahoo’s announcement that three billion of its user accounts were compromised to the Equifax breach and resulting...more
Unless you’ve been living on a remote mountaintop or inside a cave for the past 10 years, chances are good you’ve either been affected by a cybersecurity breach or know someone who has. Among many other businesses, recent...more
This week, the Advanced Cyber Security Center (ACSC) released a new report entitled, “Cyber Security Post Equifax: Perceptions and Priorities from Massachusetts Residents.” The report highlights the results from a survey of...more
As we near the end of a year that has seen more than its share of massive data breaches, two bills have been introduced (one re-introduced) in the U.S. Senate....more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - United States and China Renew Promise Not to Hack - On October 4, U.S. and Chinese officials agreed to not engage in targeted hacking. Per a...more
This week, a high profile plaintiffs’ firm (Edelson) stated that “if done right,” the data breach class actions against Equifax should yield more than $1 billion in cash going directly to more than 143 million consumers...more
A sobering look at the post-recession economic recovery shows that while by many measures US economic figures are again strong, the recession caused wounds that “have not fully healed”—including the loss of more than 1.5...more