Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…
Category: Of Note
Extortion E-mail Schemes Tied to Recent High-Profile Data Breaches
A public service announcement from the FBI (Alert Number I-060116-PSA): The Internet Crime Complaint Center (IC3) continues to receive reports from individuals who have received extortion attempts via e-mail related to recent high-profile data thefts. The recipients are told that personal information, such as their name, phone number, address, credit card information, and other personal details,…
Danish Authorities Investigate OkCupid Incident
Joseph Cox reports the follow-up to a breach that I covered on PogoWasRight.org. The breach involved a Danish grad student dumping OkCupid users’ personal and sensitive info in a data set for “research” purposes, claiming it was “public” data. They had neither sought nor obtained consent to scrape the user database, and although they did not include…
CFAA overreach: FBI raids home of security researcher
From the stop-me-if-you’ve-heard-this-one-before dept: Over on Daily Dot this morning, I reported that the FBI executed a search warrant at the home of researcher Justin Shafer. Shafer’s name will be familiar to regular readers of DataBreaches.net because he exposed a long-standing security vulnerability in Dentrix software and challenged Henry Schein’s claims that their product provided “encryption.” Our combined efforts resulted in…
Heads Up Internet: Time to Kill Another Dangerous CFAA Bill
Jamie Williams writes: The Computer Fraud and Abuse Act (CFAA), the federal “anti-hacking” statute, is long overdue for reform. The 1986 law—which was prompted in part by fear generated by the 1983 technothriller WarGames—is vague, draconian, and notoriously out of touch with how we use computers today. Unfortunately, Sens. Sheldon Whitehouse and Lindsey Graham are on a mission…
Precision Medicine Initiative and Data Security
Secretary Sylvia Mathews Burwell and Lisa O. Monaco write: The health care system of the future is taking shape right now, and the foundation of that new system is health care data that is private, trusted and secure. Today, we are pleased to release the final Data Security Policy Principles and Framework (Security Framework) for President Obama’s Precision…