Tim Hickman and Stephen Ravenscroft of White & Case LLP write: In April 2016, the High Court of England and Wales issued its judgment in Axon v Ministry of Defence [2016] EWHC 787 (QB). The court emphasised (albeit obiter) the fact that employers can be liable for data breaches caused by rogue employees (in the present case,…
Category: Commentaries and Analyses
I never meant harm, says student who hacked Canada Revenue to show vulnerability to Heartbleed virus
There’s an update to the hack of the Canada Revenue Agency, first disclosed in April 2014 and the young man who was charged in the case. Jane Sims reports: A student computer whiz who stole 900 social insurance numbers from the files of the Canada Revenue Agency to demonstrate its online vulnerability pleaded guilty and apologized on…
Patient privacy: Can past lessons prevent future failures?
Niam Yaraghi writes: I talked with key personnel at twenty-two different hospitals, insurers, and business associates that had experienced a breach incident over the last two years. A new report synthesizes the lessons learned from those incidents and highlights the unique vulnerabilities of the health care system to privacy breaches. Read more on Brookings Institute.
Class-Action Suit Targeting Law Firm Privacy Protections Could Be Unsealed
Gabe Friedman reports: The privacy focused class-action law firm Edelson P.C. announced it has filed a federal class-action under seal that targets a Chicago-based regional law firm for data security holes. On Thursday morning, name partner Jay Edelson tweeted that he had filed a motion to unseal the complaint against the unnamed firm. […] In an interview with Big Law…
In New York, breach reports are up 40%
New York State no longer makes the breach reports it receives conveniently available online (drat!), but Attorney General Eric Schneiderman issued a press release today with a few stats of note: The office has received 459 data breach notices from the first of the year through May 2, 2016, as compared with 327 through the…
State audit finds concerns with data security, accounting practices in Ozark County
KY3 reports: Missouri State Auditor Nicole Galloway on Monday released an audit of Ozark County. The audit report describes weaknesses in cybersecurity measures and accounting practices in several county offices. Some offices lacked sufficient password protection controls, including a lack of requirements and the use of shared passwords to access county computers. Other offices failed…