If the victim of a cyberattack cannot determine whether data was accessed or acquired, should that increase the damages sought by plaintiffs in a class action suit? Or should it get the suit tossed out because the plaintiffs can’t prove any theft of their data? Kelly Mehorter reports about a class action lawsuit filed against…
Author: Dissent
Little Rock school district seeks cyberattack disclosure guidance
Arkansas Online reports: The Little Rock School District is continuing to seek an attorney general’s opinion on the legality of holding private school board meetings when reacting to a cyber- or ransomware attack on a district’s electronic information systems. Little Rock Superintendent Jermall Wright sent a lengthy letter in January to the attorney general’s office…
HK: Doctor suspended over medical records breach
A doctor has been suspended from clinical duties and reported to the police on suspicion of accessing medical records without their subject’s consent. A spokesman for North District Hospital said in a statement published on Tuesday night that they discovered the breach after a member of staff reported that she suspected her medical records had…
Texas waited two months to start informing 3,000 people that crooks copied their driver’s licenses. DPS explains why.
Jasper Scherer reports: After discovering in December that an organized crime group had obtained thousands of replacement Texas driver licenses, state public safety officials waited more than two months to publicly reveal the breach and start notifying those swept up in the operation. The criminal effort, disclosed to lawmakers Monday by Texas Department of Public Safety Director…
Sentara Health notifying 741 patients after mistake by Coronis Health employee
In a refreshingly straightforward breach disclosure, Sentara Health in Virginia reports that on December 19, an anonymous individual called their Compliance Hotline to alert them that while searching for something online, the called had stumbled across an exposed file with patients’ Medicare billing information. Sentara quickly verified the caller’s report and determined that the file…
Hong Kong: Data Security Measures Guidance published by the PCPD
Anna Gamvros (HK) and Edward Yau (HK) of Norton Rose Fulbright write: As data breaches and cyber attacks continue to surge and attackers become more sophisticated, organisations are well aware that the need for robust data security measures is becoming increasingly important. In Hong Kong, the Office of the Privacy Commissioner for Personal Data (the PCPD)…