Nathan A. Schacht comments on the recent ruling in a lawsuit against SK Communications: … According to reports about this case, the focus was on SK Communications’ violation of its duty to protect the personal data of its operations’ subscribers, including their names, dates of birth, cell numbers and social security numbers. Apparently, after an…
Category: Commentaries and Analyses
Data Losses Overall Are Up, But Bank Data Breaches Are Fewer: Report
Penny Crosman reports: A report released by KPMG on Tuesday finds that globally, there’s been a 40% increase in the number of publicly disclosed data loss incidents in the past two years. However, financial services firms have seen an 80% decrease in number of incidents in the past five years. Read more on American Banker….
Securing Outsourced Consumer Data
No great surprises, but a new survey, Securing Outsourced Consumer Data,commissioned by Experian Data Breach Resolution and conducted by the Ponemon Institute reveals that many organizations (46%) do not evaluate the security and privacy practices of vendors before sharing sensitive or confidential information. The survey polled nearly 750 individuals in organizations that transfer consumer data to third-party…
Crowd-sourcing an idea for a law
Thanks to partisan politics and intensive industry lobbying, we have no strong federal breach notification law. This, of course, is not news to my readers. But in light of (1) Congress’s current interest in cybersecurity and sharing of information, (2) the fact that up to 40% of breaches are first detected by members of the…
Should the penalty be for the data breach or for aiding and abetting fraud?
Philip Virgo writes: I have just had interesting feed back from a number of CISOs on my posting on the EU data Protection Directive. Some are still stuck in the past, adding yet more electronic nappies to cope with severe cases of data diarrhoea. Others are seeking to make the transition to a future where attack is…
What can we learn from a statistic that 1 in 4 recipients of breach notification letters become victims of ID fraud?
I haven’t read the new Javelin Strategy & Research report because it’s pricey, but their press release on it contains some of its key findings. Of note: … nearly 1 in 4 data breach letter recipients became a victim of identity fraud, with breaches involving Social Security numbers to be the most damaging. If 1 in…