As reported on the Hunton Insurance Recovery Blog, data breach claims involving customer data can present an ever-increasing risk for companies across all industries. A recent case illustrates efforts to recover the costs associated with such claims. A panel of the Fourth Circuit confirmed that general liability policies can afford coverage for cyber-related liabilities, and ruled…
Category: Commentaries and Analyses
Consumer Attitudes Toward Data Breach Notifications and Loss of Personal Information
The Rand Corporation has released a study by Lillian Ablon, Paul Heaton, Diana Lavery, and Sasha Romanosky on consumer reactions to data breaches. In some respects, the findings don’t exactly match what you may have been led to believe by other studies. As I’ve commented in the past, surveys that ask consumers what they would do…
Flaws in Worldpay’s Merchant Portal Allow Attackers to Modify Payment Forms
Catalin Cimpanu reports: Vulnerabilities known as IODR (Insecure Direct Object References) were found and fixed in Worldpay, an online secure payments platform, security researcher Randy Westergren reports. An IODR vulnerability is when users have access to information they should not see, either because it belongs to another user or originates from an account with higher privileges. In…
Security flaws found in 3 state health insurance websites
AP reports: Federal investigators found significant cybersecurity weaknesses in the health insurance websites of California, Kentucky and Vermont that could enable hackers to get their hands on sensitive personal information about hundreds of thousands of people, The Associated Press has learned. And some of those flaws have yet to be fixed. Read more on Midland…
RESOURCE: Bryan Cave 2016 Data Breach Litigation Report
The law firm of Bryan Cave has issued its 2016 Data Breach Litigation Report. From their Executive Summary, some of their key findings: 83 cases were filed during the Period. This represents a nearly 25% decline in the quantity of cases filed as compared to the 2015 Data Breach Litigation Report (the “2015 Report”). When multiple filings against…
FBI: $2.3 Billion Lost to CEO Email Scams
While I keep updating my leetle list of entities disclosing their employees’ W-2 data has been phished, Brian Krebs reports that the FBI has issued an alert: The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss…