CTV reports: New documents show that the private information of tens of thousands of people was mishandled by the federal government last year, including hundreds of taxpayer files inappropriately accessed by employees of the Canada Revenue Agency, which was the worst offender. Read the detailed findings on CTV. I can’t help it. I’m reading the above…
Category: Commentaries and Analyses
If a Data Breach Occurs and Nobody Accesses Customer Data, Does it Constitute “Publication”?
As reported on the Hunton Insurance Recovery Blog, data breach claims involving customer data can present an ever-increasing risk for companies across all industries. A recent case illustrates efforts to recover the costs associated with such claims. A panel of the Fourth Circuit confirmed that general liability policies can afford coverage for cyber-related liabilities, and ruled…
Consumer Attitudes Toward Data Breach Notifications and Loss of Personal Information
The Rand Corporation has released a study by Lillian Ablon, Paul Heaton, Diana Lavery, and Sasha Romanosky on consumer reactions to data breaches. In some respects, the findings don’t exactly match what you may have been led to believe by other studies. As I’ve commented in the past, surveys that ask consumers what they would do…
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…
Security flaws found in 3 state health insurance websites
AP reports: Federal investigators found significant cybersecurity weaknesses in the health insurance websites of California, Kentucky and Vermont that could enable hackers to get their hands on sensitive personal information about hundreds of thousands of people, The Associated Press has learned. And some of those flaws have yet to be fixed. Read more on Midland…
RESOURCE: Bryan Cave 2016 Data Breach Litigation Report
The law firm of Bryan Cave has issued its 2016 Data Breach Litigation Report. From their Executive Summary, some of their key findings: 83 cases were filed during the Period. This represents a nearly 25% decline in the quantity of cases filed as compared to the 2015 Data Breach Litigation Report (the “2015 Report”). When multiple filings against…