On February 16, 2016, the Department of Homeland Security (“DHS”), in collaboration with other federal agencies, released a series of documents outlining procedures for both federal and non-federal entities to share and disseminate cybersecurity information. These documents were released as directed by the Cybersecurity Act of 2015 (the “Act”), signed into law on December 18, 2015. The…
Category: Of Note
Five Mounties sue RCMP in alleged medical privacy breach
There’s an update to a workplace medical privacy breach involving members of the Royal Canadian Mounted Police (RCMP). I’ve been following the case on this blog since July, 2013. In December 2014, the privacy commissioner found that the RCMP had violated the employees’ privacy by turning over their records to a psychologist. In October 2015, there was a…
Data Broker Defendants Settle FTC Charges They Sold Sensitive Personal Information to Scammers
A group of defendants have settled Federal Trade Commission charges that they knowingly provided scammers with hundreds of thousands of consumers’ sensitive personal information – including Social Security and bank account numbers. The proposed federal court orders prohibit John Ayers, LeapLab and Leads Company from selling or transferring sensitive personal information about consumers to third parties. The defendants will also…
Hollywood Presbyterian Medical Center paid $17,000 ransom to unlock their system (updated)
Hollywood Presbyterian Medical Center has issued a statement concerning the malware attack and ransom demand recently reported in the media. According to a statement issued today, reports of a $3.6M ransom were inaccurate. The full text of their statement follows. Note that they do not state how the malware got on their system. They may…
Judge Rejects Key Defense in Anthem Data-Breach Suits
Ross Todd reports: U.S. District Judge Lucy Koh’s first major ruling in data-breach lawsuits against major health insurer Anthem Inc. didn’t do much to clarify how the litigation itself will ultimately play out. […] In her decision, Koh addressed for the first time the question of whether the loss of personal information constitutes harm under…
Hacking Team data hacked and leaked online still confidential: Singapore Court
K.C. Vijayan reports: The High Court has ruled in a novel case that confidential documents hacked from a computer and posted online remain confidential despite being in the public domain. The court found in the test case that e-mails between lawyer and client leaked online by a third party but obtained by the defence was…