Nicole Perlroth reports: Standing before a crowded room of entrepreneurs and investors at a conference in San Francisco last summer, former Vice President Al Gore described how climate change could be contained, possibly even reversed. Next to take the stage was Kevin Mandia, the founder of Mandiant, a security company acquired by another security company called FireEye,…
Category: Commentaries and Analyses
Privacy Concerns Arise over Annapolis, Md., Parking Website
Chase Cook reports: Annapolis resident Linda Farrell was excited to use the city’s new online residential parking website. But when she opened the online form, she noticed her web browser telling her the website wasn’t secure. This after asking for her address, vehicle license plate and driver’s license number — information she felt was personal….
Second Circuit Holds Insurers Have Duty to Defend Data Trap Lawsuit
Traub Lieberman Straus & Shrewsberry LLP write: In its recent decision in Nat’l Fire Ins. Co. v. E. Mishan & Sons, Inc., 2016 U.S. App. LEXIS 10151 (2d Cir. June 1, 2016), the United States Court of Appeals for the Second Circuit, applying New York law, had occasion to consider the application of an exclusion…
House Energy And Commerce Committee Reviews Cybersecurity Practices At HHS
King & Spalding write: On May 25, 2016, the House Energy and Commerce Subcommittee on Health held a hearing to examine the Department of Health and Human Services’ (“HHS”) cybersecurity responsibilities. The hearing focused on legislation that would create a new office within HHS, the Office of the Chief Information Security Officer (“CISO”), consolidating information…
ERISA and Cybersecurity
Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…
#ProjectVoriDazel exposes misconfigured databases
Just as Chris Vickery has tried to focus attention that there are still tens of thousands of misconfigured databases exposing PII and other information that should be protected because port 27017 is open, now TeamGhostShell is also calling attention to the problem – plus other open ports and issues. In his disclosure on a paste site,…