Kathleen Dion of Robinson & Cole writes: On January 30, 2018, EDUCAUSE, a higher education technology association, submitted a letter to the U.S. Department of Education describing concerns that it had with the Federal Student Aid (“FSA”) ability to protect federal student financial aid data. EDUCAUSE’s members include IT professionals from over 1,800 colleges and…
Category: Commentaries and Analyses
Supreme Court Denies Cert in Attias v. CareFirst
Daniel Kagan of Murtha Cullina cuts to the chase: On February 16, 2018, the U.S. Supreme Court denied certiorari to review CareFirst’s appeal of the U.S. Court of Appeals, D.C. Circuit’s decision in Attias v. Carefirst, Inc., 865 F.3d 620 (D.C. Cir. 2017). The D.C. Circuit held that the threat of harm from a data breach…
Higher Ed Users Are Less Susceptible to Phishing Scams
Meghan Bogardus Cortez reports: University end users are pretty good at identifying a scam. Only 10 percent of simulated phishing emails sent to users at education institutions were successful, a new study from Wombat Security Technologies reports. The company monitored tens of millions of simulated phishing attacks sent over the course of a year through…
Phishing schemes net hackers millions of dollars from Fortune 500
Charlie Osborne reports: Fortune 500 companies are losing millions of dollars due to new and sophisticated phishing scams conducted by cyberattackers, IBM has discovered. On Wednesday, researchers from IBM’s X-Force Incident Response and Intelligence Services (IRIS) team said the Business Email Compromise (BEC) scheme is currently active and is successfully targeting Accounts Payable (AP) teams…
AU: Immigration department reveals string of data breaches
Rohan Pearce reports: The immigration department has revealed that over the last five years it has reported 18 data breaches to the Office of the Australian Information Commission. In an answer to a question on notice from a Senate Estimates hearing earlier this year, the Department of Immigration and Border Protection (DIBP) revealed it reported…
Can Your Business be Liable for an Employee’s Intentional Data Leak?
Revision Legal has a post about insider leaks. The article starts by discussing the Morrisons case in the UK, where an employee vindictively leaked data. In a ruling that surprised many, the court held that although Morrisons was a victim of their employee, other employees who sued Morrisons could hold Morrisons liable: This creates, in…