Anna D. Kraus, Libbie Canter, Tara Carrier, and Olivia Vega of Covington & Burling write: On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requires the U.S. Department of Health and Human Services (“HHS”) to “consider certain recognized security practices of covered…
Category: Commentaries and Analyses
Ransomware payments are going down as more victims decide not to pay up
Danny Palmer reports: The average ransom paid to cyber criminals following a ransomware attack is falling as more companies become reluctant to give into extortion demands. Analysis by cybersecurity company Coveware has found that the average ransom payment paid following a ransomware attack decreased by a third in the final quarter of 2020, dropping to $154,108 from $233,817…
China Has Stolen 80% Of American Adults’ Personal Data, Expert Claims
Daniel Richardson reports: Bill Evanina, former director of the US National Counterintelligence and Security Center, appeared as a guest on CBS’s 60 Minutes on Sunday, January 31, and gave a stark warning about data being used by China. During the programme, the former director suggested that Beijing is attempting to collect the medical data of Americans….
Lawmakers press NSA for answers about Juniper hack from 2015
Justin Katz reports: A group of Democratic lawmakers is calling on the National Security Agency to account for its part in the five-year-old breach of Juniper Networks, following a congressional investigation of the company last year. “The American people have a right to know why NSA did not act after the Juniper hack to protect…
Russian hack brings changes, uncertainty to US court system
MaryClaire Dale of AP reports: Trial lawyer Robert Fisher is handling one of America’s most prominent counterintelligence cases, defending an MIT scientist charged with secretly helping China. But how he’ll handle the logistics of the case could feel old school: Under new court rules, he’ll have to print out any highly sensitive documents and hand-deliver…
Court Holds Data Breach Notice Disclosing Potential Cyberattack Did Not Establish Plaintiffs’ Standing in Privacy Litigation
Christina Lamoureux of Squire Patton Boggs writes: While many federal courts have weighed in on the issue of what suffices for Article III standing in the context of a data breach litigation, not all state courts have. Last week, the Superior Court of Delaware found that a group of plaintiffs who received a notice that their personal…