No charges? No surprise. Canberra News reports: No charges will be laid by Federal Police following the investigation into the discovery of classified documents in a cabinet from a Canberra second-hand store. An AFP spokesman says thorough investigation has been conducted and no further action will be taken. The papers, from Prime Minister Malcolm Turnbull’s department…
Category: Commentaries and Analyses
Florence school system gets first ever IT report
If you care about data security in k-12, read this news report by Lisa Singleton-Rickman of TimesDaily concerning an Alabama school district. I think it serves as a useful example of what we’re up against. Start with the fact that the state does not require any IT audits in k-12 districts. Don’t ask, don’t tell? But Florence…
Seventh Circuit Reinstates Barnes & Noble Data Breach Class Action
Edward J. McAndrew of Ballard Spahr reports: The U.S. Court of Appeals for the Seventh Circuit has reinstated a data breach class action filed against Barnes & Noble (B&N). The litigation, styled as Dieffenbach v. Barnes & Noble, Inc., now heads back to the U.S. District Court for the Northern District of Illinois, which previously dismissed the…
NY: Why small villages continue to be low-hanging fruit for criminals
The New York State Comptroller conducted an audit of the Village of Alfred – Information Technology (2017M-236). Their report was released on April 6, 2018 — [read the complete report here: pdf]. Here’s the summary: Purpose of Audit The purpose of our audit was to assess the Village’s information technology (IT) environment for the period…
Fiat Chrysler Car Hacking Case Put In Neutral
Philip Yannella of Ballard Spahr writes: Plaintiff lawyers’ continued search for damage theories to assert in claims arising from a data breach – or fear of a breach – received a potential setback this week when Chief Judge Michael Reagan of the United States District Court for the Southern District of Illinois permitted Fiat Chrysler and…
Is OCR Moving the Goal Posts on Vendor Management?
Yesterday, I posted an item about a settlement between New Jersey and Virtua Medical Group after a 2016 data leak by their transcription vendor exposed approximately 1,600 patients’ information on the internet. New Jersey took the position that this was a HIPAA violation and that the entity was responsible for what its vendor had done…