Tim Murphy reports: MPs have revised privacy legislation to avoid a risk of ‘notification fatigue’ in which holders of data would be forced to advise the public of even minor data breaches. Parliament’s justice select committee has raised the threshold in the Privacy Bill for when mandatory notifications to the Privacy Commissioner and affected individuals would…
Category: Of Note
OH: 13-year-old student accused of hacking teacher’s account, making hit list of fellow students
WSYX/WTTE reports: A 13-year-old student at the Columbus City Preparatory School for Boys is under investigation after he reportedly used a teacher’s credentials to get into the district’s system, created a website with information about his fellow students, and made threats. Columbus Police say they received a report on March 15th that the student had…
Facebook Stored Hundreds of Millions of User Passwords in Plain Text for Years
Brian Krebs reports: Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees — in some cases going back to 2012, KrebsOnSecurity has learned. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data. Read…
Settlement in 2015 UCLA Health Data Breach Class Action
Top Class Actions reports: A $7.5 million class action settlement has been reached, resolving claims that a July 2015 data breach exposed personal information stored by the UCLA Health Network. The UCLA Health class action settlement provides $2 million to pay for unreimbursed loss claims and preventative measure claims. In addition, UCLA Heath has agreed…
Happy First Day of Spring! Ohio Insurance Law Effective Today
Amber Thomson, Liisa Thomas, Elfin Noce, and Kari Rollins of SheppardMullin write: Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273,applies to insurers authorized to do business in Ohio and goes into effect today, March 20,…
Data breaches result in CEO pay rises, study shows
Stop the world. I want to get off. Mark Sutton reports: Bosses are more likely to receive a pay rise after their firm suffers a cybersecurity breach, according to a study by the UK’s Warwick Business School. Researchers at Warwick Business School found that media reports of a cyber-attack led to a stock market “shock”…