Before taking any action on this latest data breach news out of Russia, there are a number of things to understand....more
A breach of this nature is reportable under the breach notification laws in both California and Florida, as recently amended: “Personal Information” includes user name or email address, in combination with a password or...more
Although it is a widespread exploit that has been undetected for two years, whether or not a CGL policy covers data breaches allowed by Heartbleed should turn, simply, on whether the policy covers data breach at all...more
The vulnerability caused by the Heartbleed bug circumvents the purpose of OpenSSL: encryption. Therefore, the conclusion would appear to be that any data breach during the time of OpenSSL vulnerability would be reportable...more