In the latest development in a long-running data breach lawsuit case, Ropes & Gray write: On March 20, 2013, the United States District Court for the District of Maine denied a motion brought by plaintiffs in In re Hannaford Brothers Company Data Security Breach Litigation that would have allowed the suit to proceed as a…
Category: Commentaries and Analyses
How Private Data Became Public on Amazon’s Cloud
Jordan Robertson reports: Companies that use Amazon’s popular cloud computing service have accidentally disclosed confidential information including sales records and source code, highlighting the risks of moving sensitive data to the Web, according to new research. Rapid7, a Boston-based security firm, said in a report released today that it found more than 126 billion files…
Finland: Data Protection Ombudsman Critizices Compliance At Finnish Companies
Sakari Aalto discusses findings from a survey conducted by Finland’s Office of the Data Protection Ombudsman. The survey, carried out at the end of 2012, surveyed 74 companies and organizations that had experienced data security breaches during October – December 2011. Aalto writes, in part: In an alarmingly large proportion of companies (30%), the security…
Data breaches in higher education
TeamSHATTER reports on data breaches in the higher education vertical throughout the United States. The past year has seen a substantial uptick in the amount of total records breached. In 2012, there was a dramatic increase in the total number of reported records affected (1,977,412), but a relatively low amount of institutions (51) that reported…
Article: How Bad is it? – A Branching Activity Model to Estimate the Impact of Information Security Breaches
Russell Cameron Thomas George Mason University – Department of Computational Social Science Marcin Antkiewicz Qualys, Inc. Patrick Florer Risk Centric Security, Inc. Suzanne Widup Verizon Communications Inc., Verizon RISK Team Matthew Woodyard Zions Bancorporation March 11, 2013 Abstract: This paper proposes an analysis framework and model for estimating the impact of information security breach episodes….
Attacks ‘highlight need for data breach notification law’
Paul Smith reports: The Australian Bankers Association has defended the strength of IT security processes in place across Australia’s banking system following the revelation that Reserve Bank of Australia systems had been compromised by China-based hackers. However, security experts said the incident highlighted the need for Australian data breach notification laws to be tightened to force…