Edward J. McAndrew of Ballard Spahr LLP writes: South Carolina has become the first state to enact a version of the Insurance Data Security Model Law, which was drafted by the National Association of Insurance Commissioners (NAIC) in 2017. Governor Henry McMaster signed the South Carolina Insurance Data Security Act into law on May 14, 2018. The Act…
Category: Of Note
EPIC to DC Circuit: Informational Privacy is a Constitutional Right
From EPIC: EPIC has filed a “friend of the court” brief, joined by forty-four technical experts and legal scholars (members of the EPIC Advisory Board), in the OPM Data Breachcase. The case concerns the data breach at the US Office of Personnel and Management in 2015 that affected 22 million federal employees, their friends, and…
Two Members of Syrian Electronic Army Indicted for Conspiracy
May 17 – ALEXANDRIA, Va. – A federal grand jury returned an 11-count indictment today charging two Syrian men with offenses relating to their participation in a conspiracy to engage in computer hacking as members of the “Syrian Electronic Army” or “SEA.” Ahmad ‘Umar Agha, who is known online as the “The Pro,” and Firas Dardar,…
Cyber-Criminal Residing in Latvia Convicted for Role in Operation of Counter Antivirus Service “Scan4you”
May 16 – A federal jury today convicted a Latvian “non-citizen,” meaning a citizen of the former USSR who had been residing in Riga, Latvia, of three counts related to his operation of “Scan4you,” an online counter antivirus service that helped computer hackers to determine whether the computer viruses and other malicious software they created would…
UK: Crown Prosecution Service fined £325,000 after losing victim interview videos
How many monetary penalties will it take before the Crown Prosecution Service gets its data protection act together and does a reasonable job of protecting victim-related information?This is the second monetary penalty they’ve been hit with in the past few years: The Crown Prosecution Service (CPS) has been fined £325,000 by the ICO after they…
Respiratory therapy supplier Lincare agrees to pay $875K to settle data breach lawsuit
Evan Sweeney reports: The country’s largest provider of home respiratory supplies has agreed to pay $875,000 to settle a class-action lawsuit from former employees whose information was exposed during a 2017 data breach. The settlement (PDF) resolves a lawsuit filed last fall that claimed Lincare failed to implement “the most basic security safeguards” to prevent…