Sorry, New Mexico residents. Your state legislature has failed to ensure you the same protections other states’ residents already have when it comes to data breach notification. Sal Crist reports: The Data Breach Notification Act — otherwise known as HB 217 — failed to make it beyond the New Mexico Senate last week, ultimately getting tabled by the judiciary…
Category: Of Note
Kreditech Investigates Insider Breach
Brian Krebs reports: Kreditech, a consumer finance startup that specializes in lending to “unbanked” consumers with little or no credit rating, is investigating a data breach that came to light after malicious hackers posted thousands of applicants’ personal and financial records online. Earlier this month, a source pointed KrebsOnSecurity to a Web site reachable only via Tor, a…
Third US Health Entity Suspected of being Compromised
Uh oh. SLC Security reports: While we can’t name any particular names at this time we have started seeing indicators of another related attack originating out of China aimed at US Healthcare entities. This time another well known affiliate of a previously breached healthcare entity appears to be attacking other Healthcare entities in California and…
California Health Care Facility Breach Statute Updated: Changes Effective Now
Paula Stannard reminds us: As a result of recent breaches – including breaches of health information and information held by health insurers – a great deal of attention has recently been focused on state data breach notification requirements. Most States have general data breach notification requirements that apply to all data breaches, including those involving…
FBI looking into Chinese military involvement in cyber hack of U.S. company
Elizabeth Shim reports: The FBI is probing into possible Chinese military involvement in a data breach of Register.com, a network that manages more than 1.4 million website addresses. The Financial Times reported the cyber attack on the U.S. company included theft of employee passwords and unauthorized access to Register’s network during a yearlong breach that did not…
Wyndham: A Case Study in Cybersecurity: How the cost of a relatively small breach can rival that of a major hack attack
Timothy Cornell of Clifford Chance US LLP has an interesting write-up on the Wyndham case that really details the time and labor costs of responding to a government investigation following a data breach. Here’s an example: On April 8, 2010, the FTC began to investigate Wyndham Worldwide and three of its subsidiaries (collectively “Wyndham”), sending Wyndham…