Ian Duncan reports on how your emergency backup might fail for reasons you didn’t anticipate, perhaps. Gmail accounts used by Baltimore officials as a workaround while the city recovers from a ransomware attack were disabled because the creation of a large number of new accounts in one place triggered Google’s automated security system, a spokesman…
Category: Of Note
District Court Finds no CFAA Violation where Employee Shares Confidential Company Information with Competitor
Jason C. Gavejian and Maya Atrakchi of JacksonLewis write: A district court in Tennessee recently concluded in Wachter Inc. v. Cabling Innovations LLC that two former employees who allegedly shared confidential company information found on the company’s computer system with a competitor did not violate the Computer Fraud and Abuse Act (CFAA). The CFAA expressly…
Medical Informatics Engineering Agrees to Pay $100,000 and to Implement Corrective Action Plan to Settle 2015 HIPAA Breach
From HHS, an update on the Medical Informatics Engineering breach of 2015 that resulted in a multi-state lawsuit (the first of its kind) in December, 2018: Medical Informatics Engineering, Inc. (MIE) has paid $100,000 to the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services, and has agreed take corrective…
Lower fines for firms that admit role in data breach
Hariz Baharudin reports: Organisations that admit their role in a data breach and plead guilty to it may get a lower financial penalty from the privacy watchdog if the cause is a common breach. Common breaches include URL manipulation, poor password management or printing errors resulting in incorrect recipients. The Personal Data Protection Commission (PDPC)…
Georgia Supreme Court Clarifies There Is No Duty to Safeguard Personal Information from a Data Breach
Gavin Reinke of Alston & Bird writes: The Georgia Supreme Court recently issued a decision holding that there is no duty to safeguard personal information from a data breach under Georgia law. Georgia Department of Labor v. McConnell involved the accidental disclosure of a spreadsheet that contained the name, social security number, home telephone number,…
Two more Microsoft zero-days uploaded on GitHub
Catalin Cimpanu reports: A security researcher going online by the pseudonym of SandboxEscaper has published today demo exploit code for two more Microsoft zero-days after releasing a similar fully-working exploit the day before. These two mark the sixth and seventh zero-days impacting Microsoft products this security researcher has published in the past ten months, with…