The breach of Heartland Payment Systems grabbed the headlines for much of the year and the entire population of Belize had their birth details stolen when a government employee left a laptop in a car, but what else went on? Your details, my friend, were blowing in the wind Although the number of breaches involving…
Category: Commentaries and Analyses
Cybercrooks stalk small businesses that bank online
Byron Acohido reports: A rising swarm of cyber-robberies targeting small firms, local governments, school districts, churches and non-profits has prompted an extraordinary warning. The American Bankers Association and the FBI are advising small and midsize businesses that conduct financial transactions over the Internet to dedicate a separate PC used exclusively for online banking. The reason:…
Breach reports decline in 2009, but what does it mean?
As of today’s date, breach compilations by both the Identity Theft Resource Center and Open Security Foundation indicate that there were fewer breach reports in 2009 relative to 2008. While some of the apparent decrease may be due to two sources used last year not being available online for the second half of this year,…
Massachusetts’s Highest Court Delivers BJ Wholesalers (and other Retailers) a Data Breach Liability Gift
David Navetta of InformationLawGroup has an analysis of the recent court decision in Cumis Insurance Society, Inc. v. B.J. Wholesale Club decision, reported here earlier this month. This blog post dives into and analyzes the Supreme Court Decision, and looks at it in context against similar decisions. Overall, in terms of issuing banks recovering for…
Apres le breach, yet another call for greater cooperation to fight data theft
And the year draws to a close as it opened: with a call for greater cooperation in preventing security breaches. At the beginning of the year, it was Heartland Payment Systems. Now, following lawsuits against it by restauranteurs in Louisiana who were hacked while using one of its POS applications, Radiant Systems is trying to…
So where are the breach reports on HHS?
The following is cross-posted from PHIprivacy.net: Under the provisions of the HITECH Act that went into effect several months ago, covered entities are required to report breaches involving the unsecured protected health information of 500 or more individuals to the Secretary of the U.S. Department of Health & Human Services. Unfortunately, HHS watered down the…