Glen A. Kopp and Laura Preback Hang of Bracewell LLP write: A Lincoln Financial Group subsidiary agreed to pay $650,000 to the Financial Industry Regulatory Authority (FINRA) to resolve allegations that it failed to implement sufficient security policies to protect confidential customer information after its web-based customer account database was hacked in 2012. The 2012…
Category: Of Note
Madison Square Garden Company Alerts Customers of Payment Card Data Breach
A major breach was just discovered last month, it seems. Here’s MSG’s full notice from their web site, today: The Madison Square Garden Company Notifies Customers of Payment Card Incident November 22, 2016 California residents please click here The Madison Square Garden Company (“MSG”) understands the importance of protecting payment card data. After MSG was notified…
UMass settles potential HIPAA violations following 2013 malware infection
The University of Massachusetts Amherst (UMass) has agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules. The settlement includes a corrective action plan and a monetary payment of $650,000, which is reflective of the fact that the University operated at a financial loss in…
Bryan Cave Data Security Breach Handbook – 2016
From Bryan Cave, this free resource on Incident Readiness and Response: Since the first publication of this handbook in 2014, the legal ramifications for mishandling a data security incident have become more severe. In the United States, the number of federal and state laws that claim to regulate data security has mushroomed. The European Union has also…
Wentworth-Douglass reports insider breach at business associate, Ambucor (UPDATE5)
First it was Carolina Cardiology Consultants disclosing that 2500 of their patients had been affected by a breach at their business associate, Ambucor. Then it was Lebanon Cardiology Associates, PC (now known as WellSpan Cardiology) notifying HHS that 537 of their patients had been affected by Ambucor’s incident. Now it’s Wentworth-Douglass Hospital notifying 775 of their patients of the breach….
Two ‘computer hackers’ accused of breaking into TalkTalk’s servers in a data breach that cost the firm £42m will stand trial next year
Joseph Curtis reports: Two suspected computer hackers accused of targeting mobile network TalkTalk and stealing their customer banking details will stand trial in July next year. Matthew Hanley, 21, and Connor Allsopp, 19, are said to be involved in the massive data breach in October last year, said to have cost the company £42million in lost…