Daniel De Zayas, a legal intern at ZwillGen, writes: New York has updated its breach notification and data security law, expanding the definition of a data breach and imposing detailed reasonable security requirements, among other changes. The amendment also adds a number of new data elements to the definition of “private information.” On July 25,…
Category: Commentaries and Analyses
Attacking the Heart of the German Industry
Hakan Tanriverdi, Svea Eckert, Jan Strozyk, Maximilian Zierer, and Rebecca Ciesielski report: This investigation starts with a code: daa0 c7cb f4f0 fbcf d6d1. If you know what to look for, you’ll find Winnti. Hackers who have been spying on businesses all over the world for years. A group, presumably China-based, has honed in on Germany…
Health IT companies impacted by browser extension data leak: report
Heather Landi reports: Browser extensions, also known as add-ons or plug-ins, are commonly used by desktop Web surfers to do things ranging from blocking ads to remembering passwords to checking grammar. According to an independent security researcher, some extensions have been leaking and exposing browsing activity data, including patient names and health information from healthcare…
All clear? Server exposure from Illinois vendor with access to driver’s license data raises questions
Tina Sfondeles reports: A computer server of a vendor with city and state contracts to sell Illinois license plate stickers and Chicago vehicle stickers at currency exchanges was exposed to the Internet in May — although city and state officials insist there was no security breach. But that’s not enough for one Cook County watchdog,…
Here’s what data breaches are costing companies in 2019
Thomas Barrabi reports: The typical consumer data breach costs compromised businesses millions of dollars, with expenses rising exponentially for incidents on par with those that affected Equifax or Facebook in recent years, according to new research from IBM Security and Ponemon Institute. On a global scale, the average data breach exposes 25,575 sensitive consumer records and carries…
Vigilante Hacker ‘Phineas Fisher’ Denies Working for the Russian Government
Lorenzo Franceschi-Bichhierai reports: Four years ago, a vigilante hacker pulled off one of the most daring hacks of all time. The hacker, known as Phineas Fisher, broke into the servers of Hacking Team—one of the most hated companies in the cybersecurity world—and put all its data online. This was the equivalent of a museum robber…