We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…
Category: Commentaries and Analyses
AU: Medicare data breach: government response ‘contemptible’, says former AFP officer
Melissa Davey reports: The federal government’s response to a Medicare data breach that led to patient details being sold on the dark web was “disappointing, confusing and often contemptible,” according to a former detective who headed the Australian federal police’s investigations into high-tech crime. Nigel Phair, now an adjunct professor at the University of Canberra’s…
Watchdog pressed to probe post-data breach services
Morgan Chalfant reports: Democratic members of the House Energy and Commerce Committee are pressing a government watchdog to further investigate whether existing credit monitoring services do enough to protect consumers affected by data breaches. The Government Accountability Office (GAO) released a report in March on identity theft services offered by the federal government and private companies…
GAO to agencies: Stop using Social Security numbers for everything
There really is such as a thing as “obvious.” Isn’t there? Adam Stone reports: Federal agencies continue to over-collect, over-use and over-display Social Security numbers, leading to the an unnecessarily high risk of identity theft. That’s the latest from the U.S. Government Accountability Office. In a recent report GAO declares that a decade’s worth of…
Judge Cracks Down on LinkedIn’s Shameful Abuse of Computer Break-In Law
Jamie Williams and Amul Kalia write: Good news out of a court in San Francisco: a judge just issued an early ruling against LinkedIn’s abuse of the notorious Computer Fraud and Abuse Act (CFAA) to block a competing service from perfectly legal uses of publicly available data on its website. LinkedIn’s behavior is just the…
Siemens medical imaging devices become cybersecurity scapegoats
Scott E. Rupp reports: The Department of Homeland Security (DHS) says that some of the Siemens medical imaging devices that run Windows 7 software are vulnerable to cyberattack. If hacked, these specific Siemens devices allow for the ability to “remotely execute arbitrary code,” DHS says. The alert from DHS’s Industrial Control Systems Cyber Emergency Response…