Category: Commentaries and Analyses

ShopRite, Wakefern will pay $235k fine, improve security after massive data breach, AG says

Posted on by Dissent

Sophie Nieto-Munoz reports: ShopRite and its parent company, Wakefern Food Corporation, will pay $235,000 after two supermarkets threw away electronic devices exposing thousands of customers’ medical information, Attorney General Gurbir Grewal announced Monday. The company will also have to improve its data security after they failed to protect the information of more than 9,700 pharmaceutical customers…

Read more

“We take your privacy seriously,” Saturday edition

Posted on by Dissent

As part of my research collaboration with Protenus for their Breach Barometer reports, I spend time every week reaching out to entities to ask them for details about incidents if I cannot find any notice on their site or a state attorney general’s site.  Most entities respond with the requested information or a copy of…

Read more

New Haven Health Department failed to terminate former employee’s access to protected health information

Posted on by Dissent

The City of New Haven, Connecticut (New Haven) has agreed to pay $202,400 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) and to implement a corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules.  The…

Read more

ICO fines Marriott International Inc £18.4million for failing to keep customers’ personal data secure

Posted on by Dissent

From the U.K.’s Information Commissioner’s Office (ICO): The ICO has fined Marriott International Inc £18.4million for failing to keep millions of customers’ personal data secure. Marriott estimates that 339 million guest records worldwide were affected following a cyber-attack in 2014 on Starwood Hotels and Resorts Worldwide Inc. The attack, from an unknown source, remained undetected until…

Read more