A press statement issued by Global RESP: Global RESP Corporation “Global” and the Global family of companies have always respected and protected the public’s private information and will continue to do so. Earlier today, the OSC issued a statement regarding a former, independent Dealing Representative, Nellie Acar, who allegedly purchased patient information from an employee of…
Category: Commentaries and Analyses
Human error to blame as UK data breach investigations surge
John Leyden reports: UK data breach investigations within the financial services industry almost trebled over the last two years, according to figures acquired via a Freedom of Information request to the Information Commissioner’s Office, with human error almost always responsible. The 183 per cent rise in reported Data Protection Act (DPA) incidents incorporated 585 events…
U.S. HealthWorks notifying employees of laptop theft
U.S. HealthWorks, a Dignity Health member, is notifying employees that one of their fellow employees screwed them by leaving a laptop with their unencrypted name, address, date of birth, Social Security number, and job title in a car, from where it was stolen overnight. Well, they don’t describe it that way, but that’s the net result,…
Will standing remain an obstacle to data breach lawsuits in the 7th Circuit?
Jason B. Hirsch reports: A data breach is an unfortunate event, but one that appears to be happening more and more often. On the heels of such data breaches, courts have been inundated with putative class action lawsuits premised upon a risk of future injury, such as identity theft. In the Northern District of Illinois…
56 MEEELLION credentials exposed by apps say infosec boffins
Darren Pauli reports: Researchers from the University of Darmstadt say app developers have exposed 56 million credentials by borking login processes using services from Google, Amazon, and Facebook. The research team tested 750,000 Android and iOS applications, examining the way they used the federated identity services to make authentication smooth across different devices. The team…
French Data Protection Authority Reveals 2015 Inspection Program
Hunton & Williams writes: On May 25, 2015, the French Data Protection Authority (“CNIL”) released its long-awaited annual inspection program for 2015. Under French data protection law, the CNIL may conduct four types of inspections: (1) on-site inspections (i.e., the CNIL may visit a company’s facilities and access anything that stores personal data); (2) document reviews (i.e.,…