David Fagan, Susan Cassidy, and Catlin Meade write: As an indicator of the continuing focus of government authorities on cybersecurity breaches and potential notification requirements, certain contractors for the federal government may soon face new rapid reporting requirements for successful network penetrations. Specifically, President Obama signed the 2014 Intelligence Authorization Act (“2014 IAA”) into law on July…
Category: U.S.
eBay faces class action suit over data breach
John Ribeiro reports that a potential class action lawsuit has been filed against eBay in the wake of its disclosure of a breach: The consumer privacy class action lawsuit, filed Wednesday by Collin Green, a citizen of the state of Louisiana, alleged that the security breach was the result of eBay’s inadequate security in regard…
OK: Payne County treasurer’s office tosses sensitive documents in dumpster
Paige Hill reports that the Payne County assessor’s office noticed a dumpster full of documents and files with personal information including social security numbers – but before anything could be done, a dump truck hauled all the papers away. County Assessor James Cowan says he noticed documents that date from the 1980′s to 2008. Read more on…
Board OKs pact to protect U. Maryland security breach victims
Michael Dresser reports: The state Board of Public Works approved a contract worth an estimated $2.6 million Wednesday for a firm to monitor the credit activity of an estimated 300,000 people whose personal information was exposed as a result of a computer security breach discovered at the University of Maryland early this year. The board…
Massage school data breach may rub alumni the wrong way
Six hundred and eighty-three Maryland residents who are alumni of the Baltimore School of Massage (BSOM) and Baltimore School of Massage’s Steiner Institute of Esthetics are being offered three years of free credit monitoring, identity protection, and identity theft restoration services following on email error that exposed their information. On June 17, an employee accidentally…
FERPA does not require data breach disclosure
Over on PogoWasRight.org, I’ve recapped the U.S. Education Department’s responses to privacy complaints filed by parent and students under the Family Educational Rights and Privacy Act (FERPA). In going through the data provided to EPIC in response to their Freedom of Information Act request, I noted that in a few cases, the Family Policy Compliance…