On January 22, Robert Smith, DMD, PC in Tennessee reported a breach to HHS. The report indicated that 1,500 patients were impacted by a hacking/IT incident involving their network. A Google search indicated that the practice was likely to be “Smith Dental” in Tennessee. But I could find no press release or statement on their…
Category: Commentaries and Analyses
Uber: We had “no justification” for covering up data breach
Cyrus Farivar reports: Uber’s top security official testified at Capitol Hill on Tuesday, saying that Uber had “no justification” for not coming clean sooner when it had been hit by a massive data breach in 2016. In written testimony, John Flynn, Uber’s chief information security officer, told a Senate committee that “it was wrong not…
RBS releases its year-end roundup and breach analysis
There’s nothing like some dramatic numbers to get attention to data breaches. Risk Based Security, Inc. has released their 2017 statistics, and yes, some of the numbers are dramatic. Here are just two snippets from their blog post about the report: There were 5,207 breaches recorded last year, surpassing 2015’s previous high mark by nearly…
A (Secondary) Education in Data Security
Christina Seda and Peter A. Nelson of Patterson Belknap write: On January 18, 2018, the New York State Education Department (“NYSED”) announced that one of its vendors, Questar Assessment, experienced a data breach resulting in the unauthorized disclosure of personal information from students in five different New York schools. While the data breach reportedly affected…
Trump’s CFPB Chief Pulls Back on Equifax Data Breach Probe: Report
Patrick Rucker reports: Mick Mulvaney, head of the Consumer Financial Protection Bureau, has pulled back from a full-scale probe of how Equifax Inc. failed to protect the personal data of millions of consumers, according to people familiar with the matter. Equifax (EFX.N) said in September that hackers stole personal data it had collected on some…
SG: PDPC Singapore responds to feedback received in public consultation regarding personal data management
Priyankar Bhunia writes: The PDPC sought views on the relevance of other bases for collecting, using and disclosing personal data and on a proposed mandatory data breach notification regime. The Personal Data Protection Commission of Singapore (PDPC) has released its response to feedback received from a public consultation launched in July 2017 on Approaches to…