The Federal Trade Commission has released a provisionally redacted public version of its complaint against LabMD (PHIprivacy.net’s coverage of LabMD linked here). The complaint provides what could be useful guidance as to what types of practices the FTC considers to be problematic practices under the Act: 10. At all relevant times, respondent engaged in a number of…
Category: Commentaries and Analyses
Latest Report On Data Breaches: More Outsider Attacks, Many Of Them State-Sponsored
Nice write-up by Mike Masnick on Verizon’s 2013 DBIR, here. Now if I could just find time to read the whole report for myself…
Vermont Attorney General Sorrell Requires Security Upgrades And Assesses Penalty For Security Breach Violations
Attorney General William Sorrell has reached a settlement with Natural Provisions, a grocery store in Williston, Vermont in which Natural Provisions agreed to spend $15,000 to significantly upgrade its computer security system to exceed minimum legal protections, and to pay $15,000 to the State, in addition to other injunctive relief. The settlement resolves allegations that Natural Provisions…
Hacking involved in majority of confirmed breaches – 2013 DBIR
In its 2013 Data Breach Investigations Report, Verizon said that it had analysed more than 47,000 reported security incidents last year and found 621 “confirmed data disclosures” where at least 44 million records had been “compromised”. More than half of the 621 data disclosures involved hacking, it said. “52% of breaches affecting all organisations involved…
UK: Leaked data revelations leaves Black Country councils red-faced
Oh the things that we learn from freedom of information requests: Personal information including medical details, a bank statement and the outcome of a disciplinary hearing are among documents accidentally leaked to members of the public in the past year, it has emerged. In Wolverhampton, a list of vulnerable people in placements was left in…
Failure to encrypt results in EPIC breach
Sometime in the evening of July 16 or the early morning hours of July 17, burglars managed to steal five laptop computers from the offices of Edgewood Partners Insurance Center (EPIC) in San Francisco. The theft was discovered on the 17th and reported to the police, but as of September 6, the laptops – one…