Craig A. Newman of Patterson Belknap writes: The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations (OCIE), a laundry list of compliance “deficiencies or weaknesses” were identified in…
Category: Of Note
Report: Unknown Data Breach Exposes 80 Million US Households
vpnMentor’s research team discovered a hack affecting 80 million American households. Known hacktivists Noam Rotem and Ran Locar discovered an unprotected database impacting up to 65% of US households. Hosted by a Microsoft cloud server, the 24 GB database includes the number of people living in each household with their full names, their marital status,…
Employee behind DJI data leak on Github sentenced to prison and fined
Jill Shen reports: A former employee of Chinese drone maker DJI was sentenced to six months in prison and fined RMB 200,000 [almost $30,000.00 USD] for unauthorized disclosure of the company’s data to code-sharing platform Github, according to the prosecutor involved in the case. The office of the People’s Procuratorate of Shenzhen posted on messaging app WeChat…
Now it’s personal: 32 jailed in China for stealing 39 million pieces of private data
Mandy Zuo reports: A three-year investigation by police in southwest China into personal data theft has ended with 32 people behind bars and several more awaiting trial, state media reported. More than 50 people were detained by police in Chongqing as part of a nationwide effort to track down and dismantle a criminal gang known…
CPSC Notifies Consumer Product Manufacturers of Possible Data Breach of Safety Information
Merrit Jones and Jena Valdetero of Bryan Cave write: A number of retailers and manufacturers have recently received notices from the U.S. Consumer Product Safety Commission concerning a possible data breach. The CPSC’s letter advises recipients of an unauthorized release of confidential information that did not go through the procedures of 15 U.S.C. § 2055,…
HHS exercises enforcement discretion and reduces maximum civil penalties
Those who want to see HHS/OCR come down like a ton of bricks on more entities and impose heavier civil monetary penalties for HIPAA breaches will likely not be happy to learn that HHS has decided to reduce the maximum civil penalties it will impose for the four tiers of violations of HIPAA. Under the…