Ekathimerini reports: Mobile phone operator Cosmote and parent company OTE have been slapped with fines of over 9 million euros by Greece’s Data Protection Authority over a breach of user records in September 2020. Specifically, the watchdog fined Cosmote 6 million euros for failing to protect a file containing the call histories of thousands of…
Category: Commentaries and Analyses
Can Data Breaches Be Good For Some Corporate Brands?
Christos Makridis writes: Surprisingly, data breaches can be good for some corporate brands, a new study shows. When hackers pirate their way past corporate firewalls and publicize the private lives of consumers, the betrayal of consumer trust and the aura of corporate incompetence should sink a company’s reputation. But the real world is more complicated….
Scripps Breach Too California Heavy for Federal Courtroom
Samantha Hawkins reports: A proposed class action against Scripps Health over a 2021 data breach was thrown out of federal court Wednesday, when a Southern District of California judge said too many Californians meant it lacked jurisdiction. Surprised? I was. But Hawkins explains: But because most—96.3%—of the 144,011 individuals notified about the ransomware attack had…
New York State Comptroller DiNapoli Releases School District Audits
The state comptroller has released two more school district audits of information technology. Putnam Valley Central School District – Information Technology (2021M-154) Audit Period July 1, 2019 – May 31, 2021. We extended the audit period forward through July 28, 2021 to complete IT testing. Quick District Facts Local User Accounts 2,626 Employees 502 Student…
The high cost of mishandling data breaches, security reporting for financial services
Karen Hoffman reminds readers of the costs of poor security, reporting, in part: Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action,…
Proposed settlement reached in lawsuit against Excellus
One year after Excellus settled with OCR over a 2015 data breach, there is now a proposed settlement in a class action lawsuit that was filed in response to the breach. The terms of the settlement, which have not yet been approved by the court, do not involve paying even one dime to class members….