It feels like it’s been a while since we’ve seen an FTC data security case (well, apart from Zoom’s issues). Today, FTC issued a press release about a settlement stemming from SkyMed International’s misconfigured elastic search instance that exposed more than 130,000 people’s information. The exposed data were discovered by Jeremiah Fowler and reported in…
Category: Federal
Regulatory Crackdown on Ransomware
Seetha Ramachandran, Nolan Goldberg and Hena M. Vora of Proskauer write: It is increasingly common for Ransomware attacks to be associated with large sophisticated cyber-criminal organizations, with a central entity providing the tools, training, and ability to collect ransoms and sending its “associates” out to cause harm. As long as victims continue to pay ransoms, Ransomware…
Data Protection Commission announces decision in Twitter inquiry
15th December 2020 The Data Protection Commission (DPC) has today announced a conclusion to a GDPR investigation it conducted into Twitter International Company. The DPC’s investigation commenced in January, 2019 following receipt of a breach notification from Twitter and the DPC has found that Twitter infringed Article 33(1) and 33(5) of the GDPR in terms…
Survey: To Report or Not Report Health Care Data Breaches
To Report or Not Report Health Care Data Breaches December 11, 2020 Amanda Walden, PhD, RHIA, CHDA , Kendall Cortelyou-Ward, PhD , Meghan Hufstader Gabriel, PhD , Alice Noblin, PhD, RHIA, CCS, PMP The American Journal of Managed Care, December 2020, Volume 26, Issue 12 This study presents information regarding the decisions that health care privacy officers make about reporting a data breach, including…
China Publishes Lists and Rules Related to Import and Export of Commercial Encryption
Eric Carlson, Yan Luo, Min He and Zhijing Yu of Covington & Burling write: On December 2, 2020, China’s Ministry of Commerce (“MOFCOM”), State Cryptography Agency (“SCA”), and the General Administration of Customs (“Customs”) jointly issued three documents (here) related to import and export of commercial encryption items: List of Commercial Encryption Subject to Import…
CFPB to Play Peacemaker in Battle for Consumers’ Financial Data
Lydia Beyoud reports: The CFPB is ready to shape the next phase of open banking in the U.S. as it develops standards for how vast amounts of consumer financial data is shared among banks, fintech apps, and data transfer companies. Financial data sharing has been largely left in private-sector hands, but the Consumer Financial Protection…