Lawyer Jonathan Penney writes: Another day, another hack. Apple, Sony, Citigroup, and Lockheed Martin are just some of the big-name companies afflicted by recent cyber-security breaches. Canada has not been spared. Beyond the attacks on the federal Treasury and Finance Departments, Sony, Husky Energy, and Honda have all had Canadian branches or units compromised in…
Category: Commentaries and Analyses
Margarita’s Mexican Restaurant breach raises issues of law enforcement’s role in notifying the public (updated)
Brandon Scott reports that authorities have now named the source of a rash of card fraud reports in Huntsville, Texas. But what may be most significant about the news report is its focus on how law enforcement decided whether to – or when – reveal the point of compromise: … Huntsville Police Department, Walker County…
How Fast Is Fast Enough to Tell Customers About Data Breaches?
Sue Reisinger writes on Corporate Counsel: In financial data breaches, timing is almost everything. On June 13 a federal court held Comerica Bank liable for data breach losses even though it notified the customer and stopped all account activity within six hours. Two days later Citigroup Inc. was explaining why it took nearly a month…
The SAFE Data Act: An admirable attempt that needs expansion
Cross-posted from PogoWasRight.org: Some of the controversy yesterday over The SAFE Data Act, introduced by Rep. Mary Bono Mack, concerns the limited definition of “personal information” in terms of what would trigger a breach disclosure and notification. Although some of the arguments appeared to follow partisan lines, the issue is not a partisan one, so…
Editorial: Missing records case reveals vulnerabilities
From an editorial in the Winston-Salem Journal: The mysterious case of the missing medical records apparently has been solved, though we think it took Wake Forest Baptist Medical Center too long — six weeks — to disclose its findings. And since this most recent case is the second time in less than two years that medical records…
Government scolded for data breach notification delays
Aliya Sternstein reports: The Obama administration in recent weeks has recommended that companies move more quickly to alert customers when their personal data is compromised. Now internal auditors are recommending the federal government listen to its own advice. In a report released Thursday, the Treasury Inspector General for Tax Administration dinged the IRS for not notifying taxpayers…