Our experienced team views data breach response as a joint effort in partnership with the client where the client’s philosophy, brand and customer base are considered integral in reconciling compliance with the numerous, and often competing, laws and regulations. [...]
Chinese Military Hacking U.S. Businesses?
Computer Security firm, Mandiant Corp., recently released a comprehensive report [pdf] exposing cyber espionage by a specialized Chinese military unit. The 60 page study details 141 separate attacks directed primarily at U.S. corporations and U.S. government agencies. The attacks are said to originate from “Unit 61398″, a secret department within the People’s Liberation Army located in Shanghai. Coca-Cola … Continue reading
SCHNUCK’S MASSIVE DATA BREACH RESULTS IN SEVERAL CLASS ACTION LAWSUITS
As we reported last month, Schnucks super market stores announced a data breach in March that potentially effected 2.4 million debit and credit card users. News reports have indicated that as many as 79 Schnucks stores may have had their customers’ card numbers and information stolen. As is often the case, class action lawsuits have … Continue reading
SCHNUCKS IS THE LATEST SUPER MARKET CHAIN TO SUFFER AN EXTENSIVE DATA BREACH
Last month Schnucks supermarket chain announced that it had been the victim of a hacking and was investigating a data breach that lead to customer credit and debit cards being fraudulently charged with purchases. At the time, Schnucks did not indicate the severity of the data breach. Schnucks has now announced that approximately 2.4 … Continue reading
NATIONWIDE INSURANCE LATEST VICTIM OF A DATA BREACH
Nationwide Mutual Insurance Company announced that part of its computer network has been hacked and that personal information effecting more than 1.1 million individuals has been stolen. The data breach occurred on October 3rd. The network that was breached is also used by Allied Insurance. Nationwide has determined that the compromised information includes names, birth … Continue reading
Credit/Debit Card Breach at Barnes & Noble Exposes Holes in Point of Sale Systems
Hackers gained access to credit card information from customers at 63 Barnes & Noble stores. Although the incident was first discovered in September, the FBI requested that Barnes & Noble delay publicly reporting the incident so as not to impede the investigation. Somehow, and the exact methodology has not been revealed, hackers were able to capture information from PIN … Continue reading
TD BANK ANNOUNCES DATA BREACH
TD Bank recently began notifying approximately 260,000 customers in numerous states from Maine to Florida that their personal information had been lost. A TD Bank spokesman confirmed to the Associated Press that unencrypted back-up data tapes were misplaced in transport earlier this year. The tapes contained personal information that included account information and social security … Continue reading
MEDAL OF HONOR RECIPIENTS BECOME VICTIMS OF AN ON LINE DATA BREACH
The Social Security numbers of 31 Army Medal of Honor recipients were accidentally posted on line by a Pentagon employee. The Los Angeles Times reported last week that the personal information was removed from the internet after the breach was discovered by a well known military historian. The Social Security numbers appear to have … Continue reading
NEW CONNECTICUT DATA BREACH IS A PERFECT EXAMPLE OF DATA SECURITY FAILURES
The Connecticut Attorney General just announced that personal health information and protected health information for over 9,000 Hartford Hospital patients was lost in June. http://www.ct.gov/ag/cwp/view.asp?Q=508726&A=2341. A laptop carried by an EMC subsidiary employee was reportedly stolen. The State AG announced that the unencrypted information on the laptop contained names, addresses, dates of birth, social security … Continue reading
Vermont Adds New Wrinkles to Data Breach Notification Law
Vermont has made some interesting amendments [.pdf at Sec. 4, p. 9] to its Security Breach Notice Act. The changes, trumpeted in a recent press release as part of various consumer protection measures, were signed into law on May 8, 2012 to be effective immediately. The most significant aspects of the revisions are: Consumer notification of a breach must be … Continue reading
DATA BREACH LITIGATION: CREDIT MONITORING NOW OR FEDERAL LAWSUIT LATER
Three prominent academics recently published a research paper that analyzed data breach litigation throughout the United States. http://ssrn.com/abstract=1986461. The authors analyzed over 230 federal data breach lawsuits from 2000-2010. The paper’s results suggest that the odds for an organization to be sued in federal court are 3.5 times greater when an individual has suffered financial harm … Continue reading