Commentaries and Analyses – Page 824

Insurers Deny Coverage for Breach Notice Costs (and why companies should consider cyber insurance coverage and why brokers should offer it)

Posted on June 11, 2010 by Dissent

David Navetta comments on the litigation involving the University of Utah, Perpetual Storage, and Colorado Casualty Insurance Co. You may wish for a scorecard to keep all the players straight: It was recently reported that an insurance carrier (Colorado Casualty Insurance Co.) denied coverage (and filed a lawsuit) for the $3.3 million in costs the…

SB hospital fined $325,000 for breach of patient records (updated)

Posted on June 10, 2010 by Dissent

Lora Hines reports: Community Hospital of San Bernardino has been fined a total of $325,000 for breaches of more than 200 patient records by two employees in 2009. Community Hospital is one of five facilities statewide recently fined $675,000 for unauthorized access of nearly 230 medical records for more than 200 patients in violation of…

UK: Data Protection Act is out of kilter with EU law, warns privacy lawyer

Posted on June 9, 2010 by Dissent

Warwick Ashford reports: The single most important change required in UK data protection regulation is to bring the law into line with European legislation, says Stewart Room, partner at law firm Field Fisher Waterhouse. Section 13 of the UK Data Protection Act (DPA) is totally out of kilter with the EU directive on personal data,…

Ca: Risks remain in wake of mortgage broker breaches, audit shows

Posted on June 8, 2010 by Dissent

Several mortgage brokerages improved some privacy and security measures following a string of major data breaches, but failed to implement controls to raise the alarm about any future suspicious activity, a privacy audit has found. The audit by the Office of the Privacy Commissioner of Canada (OPC) was launched after the brokerages reported 14 data…

Kobil smartcard reader hacked

Posted on June 4, 2010 by Dissent

A vulnerability in smartcard readers made by vendor Kobil allows intruders to install specially crafted firmware without opening the sealed housing. Attackers could exploit this to read PINs such as those used for digital document signatures or to display forged data on-screen. To prevent such intrusions from happening, smartcard readers are usually subjected to a…

Facebook dev move won’t stop rogue apps, say researchers

Posted on June 4, 2010 by Dissent

Gregg Keizer reports: Security researchers today said Facebook’s new requirement that developers link legitimate accounts to their software won’t stop rogue applications from infecting its users with adware. On Wednesday, Facebook announced that it will now demand that developers verify a Facebook account to create new apps on the service. “We’re taking this step to…