Commentaries and Analyses – Page 627

First data breach case granted standing in Pennsylvania

Posted on October 30, 2015 by Dissent

Hanna Nakano reports: Standing has been found for the first time in a data breach case in the State of Pennsylvania. U.S. District Court for the Eastern District of Pennsylvania found standing in claims of injury as a result of data breach in Enslin v. Coca Cola. This is the first time a federal court in…

Breaches, traders, plain text passwords, ethical disclosure and 000webhost

Posted on October 28, 2015 by Dissent

Troy Hunt writes: It’s a bit hard to even know where to begin with this one, perhaps at the start and then I’ll try and piece all the bits together as best I can. As you may already know if you’re familiar with this blog, I run the service Have I been pwned? (HIBP) which…

TalkTalk requiring upset customers pay contract termination fee after data breach

Posted on October 27, 2015 by Dissent

From the if-they-have-a-PR-firm-are-they-even-listening-to-them dept: TalkTalk is becoming the poster child for poor PR and how NOT to respond after a data breach. In today’s installment, the BBC reports that the firm will only waive contract termination fees if the customer has had money stolen from them. “In the unlikely event that money is stolen from…

UK: ICO confirms issue of data breach compensation a matter for consumers to pursue with companies or via the courts

Posted on October 27, 2015 by Dissent

From Out-Law.com: The Information Commissioner’s Office (ICO) in the UK cannot force companies to pay compensation to consumers affected by a data breach, the watchdog has confirmed. On Monday, the UK’s culture minister Ed Vaizey told MPs in the House of Commons that it would be “a matter for the Information Commissioner’s Office and TalkTalk to decide…

Target Court Upholds Attorney-Client Privilege in Cyber Investigations

Posted on October 27, 2015 by Dissent

Stuart Altman and Michelle Kisloff write: In a decision issued late last Friday, the United States District Court for the District of Minnesota rejected an effort by class action Plaintiffs to access materials created in the course of Target’s investigation of its 2013 payment card breach that Target claimed were protected by the attorney-client privilege and…

Hacking cars in the style of Stuxnet

Posted on October 26, 2015 by Dissent

Hacking cars in the style of Stuxnet András Szijj1, Levente Buttyán1, Zsolt Szalay2 1 CrySyS Lab, Department of Networked Systems and Service 2 Department of Automobiles and Vehicle Manufacturing Budapest University of Technology and Economics Overheads at http://www.hit.bme.hu/~buttyan/publications/carhacking-Hacktivity-2015.pdf