Notifiable Data Breaches We are currently seeking public comment on the following draft resources: What to include in an eligible data breach statement Notifiable Data Breach statement Exceptions to notification obligations Guide to OAIC Privacy Regulatory Action – Chapter 9: Data breach incidents Assessing a suspected data breach Please provide any comments by 23 October…
Category: Commentaries and Analyses
Firewalls Don’t Stop Hackers. AI Might.
Scott Rosenberg reports: The cybersecurity industry has always had a fortress mentality: Firewall the perimeter! Harden the system! But that mindset has failed—miserably, as each new headline-generating hack reminds us. Even if you do patch all your software, the way Equifax didn’t, or you randomize all your passwords, the way most of us don’t, bad…
Healthcare Data Breach Litigation Trends
Bryan Cave provides a summary analysis of litigation in terms of what kinds of claims tend to fail to demonstrate standing in class action lawsuits and what types of claims may be sufficient to demonstrate standing. What they don’t show on either side of their chart is the question of “are the data involved highly embarrassing/stigmatizing?”…
7% of All Amazon S3 Servers Are Exposed, Explaining Recent Surge of Data Leaks
Catalin Cimpanu reports: During the past year, there has been a surge in data breach reporting regarding Amazon S3 servers left accessible online, and which were exposing private information from all sorts of companies and their customers. In almost all cases, the reason was that companies, through their staff, left Amazon S3 “buckets” configured to…
Public shaming likely but GOP wary of new laws after Equifax breach
AP reports what I’ve basically been telling everyone already. Prospects are good for a public shaming in the Equifax data breach, but it’s unlikely Congress will institute sweeping new regulations after hackers accessed the personal information of an estimated 143 million Americans. Since early this year, President Donald Trump and the Republican-led Congress have strived…
How Ransomware has become an ‘Ethical’ Dilemma in the Eastern European Underground
Regular readers of this site will remember the Hollywood Presbyterian Medical Center ransomware incident, if for no other reason than it was the first time we had a medical center publicly revealing that they had been hit by ransomware and had decided to pay the ransom (approximately $17,000) than risk a shutdown of life-saving equipment….