Our experienced team views data breach response as a joint effort in partnership with the client where the client’s philosophy, brand and customer base are considered integral in reconciling compliance with the numerous, and often competing, laws and regulations. [...]
OLD DATA IS POTENTIALLY DANGEROUS DATA
Kirkwood Community College in Iowa recently announced that it will pay between $400,000 and $500,000 in data breach remedy costs as a result of a hacking incident in March. The hackers were able to gain access to approximately eight years of archives application information. The information may have included names, birth dates, contact information … Continue reading
SCHNUCK’S MASSIVE DATA BREACH RESULTS IN SEVERAL CLASS ACTION LAWSUITS
As we reported last month, Schnucks super market stores announced a data breach in March that potentially effected 2.4 million debit and credit card users. News reports have indicated that as many as 79 Schnucks stores may have had their customers’ card numbers and information stolen. As is often the case, class action lawsuits have … Continue reading
ANOTHER GOVERNMENTAL AGENCY EXTENDS CREDIT MONITORING FOR DATA BREACH VICTIMS
Last year the State of Utah announced that cyber hackers had accessed governmental computers and stolen personal identifiable information of approximately 780,000 individuals. The information stolen included approximately 280,000 social security numbers. Among other remedies, the state offered credit monitoring for one year. State law makers have now approved one million dollars to extend … Continue reading
State of the Cybersecurity Union — Obama’s Executive Order Aimed at Cyberattacks
“We know hackers steal people’s identities and infiltrate private e-mail. We know foreign countries and companies swipe our corporate secrets.” With those words, and just prior to his 2013 State of the Union address, President Obama signed an executive order on cybersecurity. The order is focused on protecting critical cyber infrastructure from cyberattacks. As an executive order, … Continue reading
FTC IS TARGETING PRIVACY ON MOBILE DEVICES
Earlier this month the Federal Trade Commission released a set of non binding recommendations for the mobile industry to strengthen its privacy controls and allow consumers to opt out of being tracked by ad networks on their smartphones. FTC regulators want the mobile industry to obtain consumers’ permission to tract their location and access … Continue reading
HHS ISSUES FINAL BREACH NOTIFICATION RULES – The end of “no harm, no foul”?
Last week the Department of Health and Human Services (HHS) issued its long-awaited “Final Rule”[.pdf] meant to strengthen various HIPAA/HITECH privacy and security rules related to individuals’ health information. The 563 pages of federal regulations contain numerous rule modifications. Notably with respect to the scope of this Blog, there are significant changes to the Breach Notification Rule for protected health information (PHI). When originally issued as an “interim final rule” in … Continue reading
OFFICE OF CIVIL RIGHTS RINGS IN NEW YEAR WITH SIGNIFICANT HIPAA DATA BREACH SETTLEMENT
The HHS’ Office of Civil Rights (OCR) announced today that The Hospice of North Idaho has agreed to pay a $50,000 settlement for violations of the HIPAA Security Rule. OCR made a point of announcing that the settlement is the first one that involves a breach of unprotected PHI affecting fewer than 500 individuals. In … Continue reading
NATIONWIDE INSURANCE LATEST VICTIM OF A DATA BREACH
Nationwide Mutual Insurance Company announced that part of its computer network has been hacked and that personal information effecting more than 1.1 million individuals has been stolen. The data breach occurred on October 3rd. The network that was breached is also used by Allied Insurance. Nationwide has determined that the compromised information includes names, birth … Continue reading
HOW TO AVOID LIABILITY FOR COMMENTS POSTED ON YOUR COMPANY’S WEBSITE
I. AN INTERACTIVE COMPANY WEBSITE DOES NOT NECESSARILY MEAN LIABILITY As social media continues to expand on the internet, more and more businesses are developing and setting up their own websites. These websites can include public Facebook pages, social media forum pages, and blogs. With such increasing popularity, businesses must understand the legal ramifications … Continue reading
Credit/Debit Card Breach at Barnes & Noble Exposes Holes in Point of Sale Systems
Hackers gained access to credit card information from customers at 63 Barnes & Noble stores. Although the incident was first discovered in September, the FBI requested that Barnes & Noble delay publicly reporting the incident so as not to impede the investigation. Somehow, and the exact methodology has not been revealed, hackers were able to capture information from PIN … Continue reading