Hunton Andrews Kurth writes: On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation. The EDPB’s Guidelines are intended to provide concrete personal…
Category: Commentaries and Analyses
UK: Solicitor caught dumping client files in the street
The SRA has fined a solicitor for dumping rubbish bags containing client information outside his office. Trevor Nicholas Senkatuka was the sole practitioner of the now-defunct firm, Windsor Croft Solicitors, in Essex. The local council fined him for fly-tipping on the pavement outside his office. Council workers took photographs of the bags which revealed that they contained private client information. “The public would…
How do you make a data breach even worse? You notify the victims that they are dead.
The headline says it all: Some Treasure Valley residents receiving letters from Saint Alphonsus saying they are dead The situation started routinely enough — an employee’s email account was compromised. In this case, the access was used to send out spam. Somehow, however, in the process of sending breach notifications, there was a mail merge…
NYDFS Penalizes Mortgage Company For Not Disclosing 2019 Breach
Kim Phan of Ballard Spahr writes: On March 3rd, the New York Department of Financial Services (“NYDFS”) announced a settlement with Residential Mortgage Services, Inc. (“RMS”) to resolve allegations that RMS violated the NYDFS Cybersecurity Regulation relating to a 2019 cyber breach. In July 2020, NYDFS conducted an examination of RMS as a licensed mortgage…
AU: LandMark White data breach trial to put firm under spotlight
Michael Bleby reports the latest developments in the wake of a breach involving Landmark White (now known as Acumentis): ASX-listed valuer LandMark White’s cyber security standards will come under the spotlight this week, as the trial kicks off of an IT contractor accused of stealing customer data from the firm and putting it on the…
At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software
Brian Krebs reports: At least 30,000 organizations across the United States — including a significant number of small businesses, towns, cities and local governments — have over the past few days been hacked by an unusually aggressive Chinese cyber espionage unit that’s focused on stealing email from victim organizations, multiple sources tell KrebsOnSecurity. The espionage…