Reports of data breaches affecting some of today’s largest companies continue to grab the headlines of prominent news outlets nationwide. The damage experienced by a company after a data breach has lasting negative effects on brand equity and reputation. In fact, a recent survey* of nearly 850 executives, conducted by the Ponemon Institute and sponsored…
Category: Commentaries and Analyses
Ignored Skype flaw enables hackers to steal sensitive user details
Steven Mostyn reports: What’s not to like about Skype? It spans the world, it enables us to chat instantly with friends and family, it supports video communication, and it’s completely free. What’s not to like? Well, how about the potential for having your computer’s security compromised because Skype can allow nefarious online criminals to access…
Federal Appeals Court Holds Identity Theft Insurance/Credit Monitoring Costs Constitute “Damages” in Hannaford Breach Case
I posted something on this decision earlier today, but David Navetta has such a helpful analysis of the ruling that I wanted to mention it here. His commentary begins: In a significant development that could materially increase the liability risk associated with payment card security breaches (and personal data security breaches, in general), the U.S. Court…
UK: Data breaches ‘up 58%’
Matt Warman reports: Data security breaches have risen by 58 per cent in the last year, the Information Commissioner has revealed. Christopher Graham said that although businesses are taking the protection of their customers’ data more seriously, in fact more breaches were being reported and fewer than half of all individuals believe companies treat personal…
MD: Labor Dept. Did Not Protect Personal Information On Computers, Audit Finds
Megan Poinski reports: Personal information about licenses and unemployment – including names, addresses, birth dates, credit card and Social Security numbers – was left relatively unguarded on computers at the Department of Labor, Licensing and Regulation, and may have been targeted for fraud, according to legislative auditors. The audit of DLLR’s Office of the Secretary,…
SEC guidance about coming clean about data breaches
Emma Woollacott reports: The Securities and Exchange Commission (SEC) has ordered companies to disclose security breaches, following a year in which several organizations have been criticized for revealing details late, if at all. “Cyber incidents may result in losses from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and…