In this article, 4 New Square’s Paul Mitchell QC, Stephen Innes and Helen Evans consider the potential civil liability of professionals in this jurisdiction for data breaches after GDPR comes into force on 25 May 2018. They write, in part: Many professionals are liable to assume that the GDPR will class them as “data controllers” rather…
Category: Commentaries and Analyses
Update: Four years later, is MCCCD still trying to cover up alleged security failures?
Sometimes it’s easy to forget that although a breach may be in the headlines for the proverbial 15 minutes, the impact of some breaches and resulting litigation may go on for years. Back in 2011 and and 2013, DataBreaches.net reported on breaches involving the Maricopa County Community College District (MCCCD). The earlier breach appeared to…
FastHealth breach still first being disclosed to some clients’ patients
Ugh. The FastHealth breach is still dripping out with yet more people first being notified. This time, it’s Cullman Regional. There’s no provision in HITECH (at least as far as I know) that would require a business associate to make one public disclosure of how many patients, total, have to be notified about an incident….
1.13M Patient Records Breached From January to March 2018
Proprietary data from Protenus shows disclosed breaches are just one one-thousandth of the actual risk health systems routinely carry 1,129,744 patient records were breached between January and March 2018, according to new data released today in the Protenus Breach Barometer. Published by Protenus, an artificial intelligence platform used by top health systems to analyze every…
EPFO slams Aadhaar data theft reports on social media
Sunil Dhawan reports: There was news doing the rounds earlier on in the day that Aadhaar data of subscribers of the Employees’ Provident Fund Organisation (EPFO) has been stolen by hackers. On social media, there was secret letter alegedly written by VP Joy, the Central Provident Fund Commissioner, on March 23 confirming that such a…
APT28 Hackers Caught Hijacking Legitimate LoJack Software
Catalin Cimpanu reports: Security researchers have found tainted versions of the legitimate LoJack software that appeared to have been sneakily modified to allow hackers inside companies that use it. Researchers say domains found inside the tainted LoJack instances have been previously tied to other hacking operations carried out by APT28, a codename used to describe…