The Information Commissioner’s Office (ICO) has issued civil monetary penalty (CMP) of £180,000 to the Money Shop in the wake of two incidents in 2014 that led to a fuller investigation of the Money Shop’s data protection policies and procedures. As described in the notice, on April 16, 2014, a Money Shop store in Lurgan, Northern Ireland was…
Category: Of Note
AU: A junior Defence staffer allegedly took home an intelligence report and posted it online
Christopher Knaus and Michael Inman report: An Australian spy agency says it has no way of knowing who has obtained a “highly sensitive” report meant for our top allies after it was allegedly leaked by a junior defence bureaucrat on an online forum. In an embarrassing security breach, a 21-year-old Department of Defence graduate allegedly managed to download a secret…
Neiman Marcus Asks Full 7th Circuit to Consider Standing Ruling in Breach Suit
Michael Beder writes: A Seventh Circuit panel that allowed a data breach suit against Neiman Marcus to proceed misapplied the Supreme Court’s precedents on standing and, “if allowed to stand, will impose wasteful litigation burdens on retailers and the federal courts,” the retailer argues in a petition filed yesterday asking the full Seventh Circuit to rehear the…
Massachusetts Appeals Court Set to Consider Scope of Employer Liability for Employee Data Breaches
Breton Leone-Quick writes: … The legal liability of employers for data breaches by its employees is generally an underdeveloped area of the law. But a case currently pending before the Massachusetts Appeals Court will help determine the scope of this liability in Massachusetts. In the Superior Court case, Adams v. Congress Auto Insurance Agency, Inc., No. MICV2013-01322-D (Mass….
New details emerge on Siouxland Pain Clinic breach (updated)
On August 1, I noted some media reports about a breach at the Siouxland Pain Clinic. As I mentioned, the reports raised more questions than they answered. Mike Bell of the Sioux City Journal now has a few more details: Siouxland Pain Clinic sent letters Friday to more than 13,000 patients that their medical and…
Trade groups send letter with data security priorities to Senate
Seen on NACS: Last Friday, NACS and a group including eight other trade associations sent a letter to every U.S. Senator articulating the priorities of the associations in the context of data breach or data security legislation. The Senate has indicated that it might consider cybersecurity information-sharing legislation on the floor this coming week and if so,…