TeamSHATTER reports on data breaches in the higher education vertical throughout the United States. The past year has seen a substantial uptick in the amount of total records breached. In 2012, there was a dramatic increase in the total number of reported records affected (1,977,412), but a relatively low amount of institutions (51) that reported…
Category: Commentaries and Analyses
Article: How Bad is it? – A Branching Activity Model to Estimate the Impact of Information Security Breaches
Russell Cameron Thomas George Mason University – Department of Computational Social Science Marcin Antkiewicz Qualys, Inc. Patrick Florer Risk Centric Security, Inc. Suzanne Widup Verizon Communications Inc., Verizon RISK Team Matthew Woodyard Zions Bancorporation March 11, 2013 Abstract: This paper proposes an analysis framework and model for estimating the impact of information security breach episodes….
Attacks ‘highlight need for data breach notification law’
Paul Smith reports: The Australian Bankers Association has defended the strength of IT security processes in place across Australia’s banking system following the revelation that Reserve Bank of Australia systems had been compromised by China-based hackers. However, security experts said the incident highlighted the need for Australian data breach notification laws to be tightened to force…
After a Data Breach, Do You Need an Investigator or a Lawyer?
Catherine Dunn writes: Before becoming a computer forensics investigator who specializes in data breach response, Jason Straight was a practicing attorney. And even though he’s been in the investigative business for longer than he was a lawyer, he has to pause every once in a while when a client asks him a question in the…
Does a presidential executive order on cybersecurity get a hotel chain off the FTC hook for its breaches?
I occasionally check the docket for FTC’s lawsuit against Wyndham over the multiple breaches they experienced. A story in my news reader today about how Ben Rothke of Wyndham Worldwide gave a talk on “The five habits of highly secure organizations” struck me as somewhat ironic, and I decided to see where the lawsuit stood. Of…
New U.S. Supreme Court Decision Will Likely Impact Data Breach Litigation
Rebecca J. Schwartz writes: On February 26, 2013, the United States Supreme Court in Clapper v. Amnesty International confirmed a demanding threshold showing for plaintiffs suing based on increased risk of harm in privacy-related. The decision effectively resolves a circuit split over the application of the Article III standing requirement in data breach cases. Plaintiffs must show that the…