Category: Breach Notification Laws

Connecticut Updates Data Breach Protection Law

Posted October 5, 2012 by TeamSHATTER Admin in Breach Notification Laws, Data Breach, Database Security with 0 comments

Connecticut Attorney General George Jepsen says he hopes an update to the state’s data breach protection law that took effect Oct. 1 will help make its enforcement less difficult. A new provision in the law requires businesses and not for profits that experience a data breach to alert the Attorney General’s office when they notify affected individuals of a breach. Click for complete article >>

Click for complete article >>

Worrisome Data Breach Trends Force Organizations To Examine IT Security Infrastructure


In the war over government data security, the statistics indicate the bad guys are winning. And some security experts say any hope of reversing that trend will take “a whole new paradigm” in IT security. The U.S. Government Accountability Office (GAO) reported last week that federal data breaches involving unauthorized disclosures of personally identifiable information increased by 19%, or about 13,000 to 15,500, from 2010 to 2011. At least some of the time, victims of those breaches are being left…

Click for complete article >>

Despite New SEC Rule, Organizations Rarely Disclose Cyber Breaches

Posted July 2, 2012 by Tim Whitman in Breach Notification Laws, Data Breach, Database Security with 0 comments

Hackers broke into computers at hotel giant Wyndham Worldwide Corp. three times in two years and stole credit card information belonging to hundreds of thousands of customers. Wyndham didn’t report the break-in in corporate filings even though the Securities and Exchange Commission wants companies to inform investors of cybercrimes. Amid whispers of sensational online break-ins resulting in millions of dollars in losses, it remains remarkably difficult to identify corporate victims of cybercrimes. Companies are afraid that going public would damage…

Click for complete article >>

Guidelines Bill Is Introduced For Data Security Breaches

Posted June 25, 2012 by Tim Whitman in Breach Notification Laws, Data Breach, Database Security, Uncategorized with 0 comments
us capital

Sen. Pat Toomey (R-Pa.) introduced a bill on behalf of himself and four other Republican senators setting national standards for how companies inform individuals of a breach of security related to personal information. Toomey, alongside Sens. Olympia Snowe (Maine), Jim DeMint (S.C.), Roy Blunt (Mo.) and Dean Heller (Nev.), introduced the Data Security and Breach Notification Act of 2012 (S.3333) on Thursday. Click for complete article >>

Click for complete article >>

HITECH Law’s First Data Beach Settlement costs HHS $1.5 Million


Last week, BlueCross BlueShield of Tennessee, Inc., agreed to pay $1.5 million to the U.S. Department of Health and Human Services (HHS) for an alleged data security breach. The enforcement action is the first stemming from the Health Information Technology for Economic and Clinical Health Act (HITECH), enacted in early 2009. While BlueCross might have been first to settle, it is unlikely to be the last. Since HHS established its breach notification website in early 2010, the agency has received…

Click for complete article >>

More Lawsuits Filed In Zappos Security Breach


Amazon continues to feel the ire of customers angry over a January internet security breach that allowed hackers to crack subsidary’s computers and steal account numbers and other customer information. Nine federal class-action lawsuits have been filed against Amazon and/or Zappos related to the hacking, and Amazon says it expects more to come.  Click for complete article >>

Click for complete article >>

Data Breaches are Getting Even Pricier


The ruling more than a year ago by the 9th US Circuit Court of Appeals in Krottner v. Starbucks was the first in a cascade of legal and regulatory actions that promise to increase the costs of data breaches for US companies. The court ruled that, to take a case to trial, plaintiffs no longer need to show actual harm or imminent threat of harm from a data breach. They simply have to show increased risk of harm. As a…

Click for complete article >>

Protecting The Brand: The Impact Of Data Breaches

Brand Reputation Management

Never mind all those formula Hollywood films about oddly sympathetic adolescents hacking into major government or financial computer systems. In fact, real cybercrime has overtaken terrorism as the central threat to U.S. security, according to FBI director Robert Mueller. The perpetrators may be ideological adversaries based in Iran. They may be gangsters prowling the canyons of Brighton Beach, Brooklyn. The effects were dramatic last year. 2011 saw the largest cybercrime case in history when six Estonians were accused of infecting…

Click for complete article >>

Patient Record Data Breaches Doubled Last Year

Patient Records

The total number of patient records compromised in the US increased by 97% in 2011 compared with 2010, according to a report released this week by the Redspin consulting firm. Redspin cites the increasing concentration of protected health information (PHI) on unencrypted portable devices and the lack of sufficient oversight of PHI disclosed to hospital’s business associates as the main reasons for the increase. Malicious attacks (theft, hacking, and insider incidents) continue to cause 60% of all breaches due to…

Click for complete article >>

Stratfor Facing $50 Million Lawsuit From Data Breach

Statfor Lawsuit For Data Breach

Austin-based Stratfor, which lost information on thousands of its customers in computer hacking attacks against its website in December, now finds itself under legal fire. Stratfor this week responded in a Texas court to a federal class action suit filed against it in New York. The suit seeks more than $50 million in damages on behalf of customers whose personal and credit card information was lost in the hacking incidents of Dec. 7 and Dec. 24. Click here for full…

Click for complete article >>
Powered by