Edward J. McAndrew of Ballard Spahr reports: The U.S. Court of Appeals for the Seventh Circuit has reinstated a data breach class action filed against Barnes & Noble (B&N). The litigation, styled as Dieffenbach v. Barnes & Noble, Inc., now heads back to the U.S. District Court for the Northern District of Illinois, which previously dismissed the…
Category: Commentaries and Analyses
NY: Why small villages continue to be low-hanging fruit for criminals
The New York State Comptroller conducted an audit of the Village of Alfred – Information Technology (2017M-236). Their report was released on April 6, 2018 — [read the complete report here: pdf]. Here’s the summary: Purpose of Audit The purpose of our audit was to assess the Village’s information technology (IT) environment for the period…
Fiat Chrysler Car Hacking Case Put In Neutral
Philip Yannella of Ballard Spahr writes: Plaintiff lawyers’ continued search for damage theories to assert in claims arising from a data breach – or fear of a breach – received a potential setback this week when Chief Judge Michael Reagan of the United States District Court for the Southern District of Illinois permitted Fiat Chrysler and…
Is OCR Moving the Goal Posts on Vendor Management?
Yesterday, I posted an item about a settlement between New Jersey and Virtua Medical Group after a 2016 data leak by their transcription vendor exposed approximately 1,600 patients’ information on the internet. New Jersey took the position that this was a HIPAA violation and that the entity was responsible for what its vendor had done…
Hackers have taken down dozens of 911 centers. Why is it so hard to stop them?
Jon Schuppe reports: … There have been 184 cyberattacks on public safety agencies and local governments in the past 24 months, according to a compilation of publicly reported incidents by the cybersecurity firm SecuLore Solutions. That includes Atlanta, which fell victim to a ransomware attack a couple days before the one on Baltimore, scrambling the…
Fourth Annual Data Security Incident Response Report Released – Building Cyber Resilience
Theodore J. Kobus III writes: On Monday we published our fourth annual Data Security Incident Response Report, which provides an analysis of the more than 560 cyber incidents handled by the team in 2017. Reflecting on the increasingly sophisticated nature of attacks, the aggressiveness by regulators in researching breaches and the expectations of highly developed responses,…