Doug Olenick reports: A survey of more than 400 U.K. IT professionals in the U.K. pharmaceutical business found many do not report data breaches, in many cases because they do not know how. Well, 15% is not what I’d summarize as “in many cases.” The real headline is that almost 1 in 4 willfully do…
Category: Commentaries and Analyses
FTC Settles GLBA Enforcement Action Against TaxSlayer Stemming From 2015 Data Breach
We haven’t seen many data security enforcement actions under the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule, but a recent case is a good opportunity to remind entities that they may be covered by it even if they didn’t know it. Edward McAndrew, Kim Phan, and Zaven Sargsian of Ballard Spahr write: The Federal Trade Commission (FTC)…
AU: Medicare data breach: government response ‘contemptible’, says former AFP officer
Melissa Davey reports: The federal government’s response to a Medicare data breach that led to patient details being sold on the dark web was “disappointing, confusing and often contemptible,” according to a former detective who headed the Australian federal police’s investigations into high-tech crime. Nigel Phair, now an adjunct professor at the University of Canberra’s…
Watchdog pressed to probe post-data breach services
Morgan Chalfant reports: Democratic members of the House Energy and Commerce Committee are pressing a government watchdog to further investigate whether existing credit monitoring services do enough to protect consumers affected by data breaches. The Government Accountability Office (GAO) released a report in March on identity theft services offered by the federal government and private companies…
GAO to agencies: Stop using Social Security numbers for everything
There really is such as a thing as “obvious.” Isn’t there? Adam Stone reports: Federal agencies continue to over-collect, over-use and over-display Social Security numbers, leading to the an unnecessarily high risk of identity theft. That’s the latest from the U.S. Government Accountability Office. In a recent report GAO declares that a decade’s worth of…
Judge Cracks Down on LinkedIn’s Shameful Abuse of Computer Break-In Law
Jamie Williams and Amul Kalia write: Good news out of a court in San Francisco: a judge just issued an early ruling against LinkedIn’s abuse of the notorious Computer Fraud and Abuse Act (CFAA) to block a competing service from perfectly legal uses of publicly available data on its website. LinkedIn’s behavior is just the…