A court opinion out of Tokyo may make it harder for plaintiffs in breach lawsuits in Japan to demonstrate harm or injury worthy of compensation. The breach and lawsuit against Benesse Corporation have been reported previously on this site in 2014 and 2015. Takuya Kitazawa reports: The Tokyo District Court rejected plaintiffs’ demands over a huge…
Category: Of Note
Email providers blacklist oregon.gov, now state can’t email some members of the public
When you think of consequences of employees clicking on phishing emails, did you ever think about how an entire state government might wind up having their email domain blacklisted? It happened to Oregon because oregon.gov was used to send out spam after an employee clicked on a phishing email. Hillary Borrud reports: Oregon’s state technology workers…
Hackers stole feds’ information four years ago. Now we know what criminals did with it.
Wow. Rachel Weiner reports that data in the Office of Personnel Management (OPM) hack may have shown up as part of a fraud scheme: Four years after hackers stole personal information from over 22 million people through the Office of Personnel Management, a fraud scheme exploiting that data has come to light in southeast Virginia….
Judge rules in favor of OCR and requires a Texas cancer center to pay $4.3 million in penalties for HIPAA violations
A U.S. Department of Health and Human Services Administrative Law Judge (ALJ) has ruled that The University of Texas MD Anderson Cancer Center (MD Anderson) violated the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules and granted summary judgment to the Office for Civil Rights (OCR) on all issues, requiring…
New Charges in Huge C.I.A. Breach Known as Vault 7
There’s a huge update in a significant case noted last month on this blog. Adam Goldman reports: Federal prosecutors have charged a former software engineer at the center of a huge C.I.A. breach with stealing classified information, theft of government property and lying to the F.B.I. The engineer, Joshua A. Schulte, 29, of New York,…
Changes to Louisiana’s Data Breach Notification Law Go Into Effect August 1
Joseph J. Lazzarotti, Jason C. Gavejian, and Maya Atrakchi of Jackson Lewis write that changes to Louisiana’s data breach notification law (Act 382) go into effect on August 1 of this year. Those changes include expansion of the definition of personal information, requirements that notification be made no later than 60 days from discovery of…