Kristin L. Bryan of Squire Patton Boggs writes about a lawsuit stemming from an insider wrongdoing situation first reported in 2018: Last month a California appellate court affirmed (for the first time among any state appellate courts to consider the issue) the lower court’s denial of class certification for claims brought under the Confidentiality of…
Category: Of Note
PA: Data breach notification legislation heads to Gov. Wolf
Brett Balicki reports: A bill to help notify victims of a data breach is heading to Gov. Tom Wolf’s desk for consideration. The General Assembly has approved Sen. Dan Laughlin’s legislation, Senate Bill 696, that would require state agencies and their contractors, as well as local governments, to notify victims of a data breach involving personally…
AU: Medibank’s latest update reveals more woes; My Home Hospital patient info accessed
AU health insurer Medibank has been diligently providing updates on a massive data breach. With each update, they have revealed growing awareness of how much personal data has been accessed or exfiltrated. Their latest update, issued overnight, begins: It has become clear overnight that the criminal has accessed patient information relating to My Home Hospital….
Daniel Kaye, an operator behind The Real Deal market, arraigned on federal charges
ATLANTA – Daniel Kaye has been arraigned on charges of access device fraud and money laundering conspiracy. Kaye’s charges arise from his alleged operation of The Real Deal, a Dark Web market that sold, among other things, hacking tools and stolen login credentials, and his laundering of funds he received from that market. “While living…
FTC Takes Action Against Drizly and its CEO James Cory Rellas for Security Failures that Exposed Data of 2.5 Million Consumers
The Federal Trade Commission is taking action against the online alcohol marketplace Drizly and its CEO James Cory Rellas over allegations that the company’s security failures led to a data breach exposing the personal information of about 2.5 million consumers. Drizly and Rellas were alerted to security problems two years prior to the breach yet…
UK: ICO fines Interserve £4,400,000 for inadequate data security
Between 18 March 2019 and 1 December 2020 Interserve Limited (“Interserve”) failed to process personal data in a manner that ensured appropriate security of the personal data using appropriate technical and organisational measures as required by Article 5(1)(f) and Article 32 GDPR. This rendered Interserve vulnerable to a cyber-attack which took place in the period…