It’s nice to read a notification where an entity had good defenses in place. Consider this notification from Golden Optometric in California: Early on the morning of November 6, 2017, the network server at Golden Optometric was infected with a variant of the “CrySiS” ransomware virus, which encrypted a limited number of files on its…
Category: Commentaries and Analyses
Banks Find (Some) Success Suing Over Data Breaches
Donna Wilson of Manatt, Phelps & Phillips, LLP writes: Banks continue to file suit against retailers, hoping to shift the costs of data breaches, with some recent success. What happened In January 2016, hackers accessed Eddie Bauer’s point-of-sale register system and installed malicious software that infected every Eddie Bauer store in the United States and…
In the wake of a breach: tips from the FTC
After the Equifax data breach, some people are considering placing a fraud alert, freeze, or lock on their credit file to help prevent identity thieves from opening new accounts in their name. To help consumers decide on a course of action, a Federal Trade Commission blog post, Fraud alert, freeze or lock after Equifax? FAQs,…
Air Force Hackers Earn Biggest Government Bug Bounty Ever
Kate Conger reports: A pair of hackers discovered a vulnerability in Air Force software that allowed them to gain access to the Department of Defense’s unclassified network—a find that earned them more than $10,000, the largest payout ever in a government bug bounty program. Read more on Gizmodo.
LabMD Appeal Has Privacy World Waiting
Craig A. Newman writes: It is the case that could define the scope of the U.S. Federal Trade Commission’s authority in data security. The U.S. Court of Appeals for the Eleventh Circuit heard argument six months ago in LabMD, Inc. v. Federal Trade Commission. As readers of this blog know, the case turns on what…
Still time to cast your vote for worst health data breaches of 2017
So I asked you to let me know what you thought the worst health data breaches of 2017 were. I’ve gotten only a few responses, but they all agree with each other. But let’s hear what you think. You can email me your picks or thoughts at admin[at]databreaches[dot]net or tweet them to me at @PogoWasRight…