The wait is over. Governor Jerry Brown signed AB1710 into law yesterday. The law not only requires “reasonable security procedures and practices appropriate to the nature of the [personal] information” a business owns, licenses, or maintains, but it also requires identity theft protection and mitigation services under some conditions. If notification of a breach is required,…
Category: Of Note
EPIC Urges FTC to Investigate Maricopa County Community Colleges Data Breach
Earlier this year, I reached out to the Electronic Privacy Information Center (EPIC), to encourage them to join DataBreaches.net in filing a complaint with the FTC concerning the massive data breach at Maricopa County Community Colleges District (MCCCD). I am pleased to see that they have done so, agreeing with me that MCCCD is covered by…
Second data breach hits Twin Cities Cub Foods stores
Clare Kennedy reports: Supervalu Inc. reported a second data breach, saying hackers infiltrated point of sale terminals at four Twin Cities Cub Foods grocery stores in late August or September. Customer credit card information may have been taken from the Hastings, Shakopee, Roseville (Har Mar Mall) and White Bear Lake stores. Read more on Minneapolis/St. Paul Business Journal….
We Take Your Privacy and Security. Seriously.
One of the things Brian Krebs and I seem to have in common is that you don’t want to have to send either of us a breach notification letter. Brian writes of his own recent experience with Cox, who wrote to him and 51 other customers: “On or about Aug. 13, 2014, “we learned that one…
Security Breach Puts Altegrity’s Integrity And Liquidity On The Line
Kate Marino reports: Hackers have claimed some high-profile corporate victims over the last year, with household names like Target and Home Depot typically reaping the lion’s share of media attention. Cyber attacks represent a growing threat to the business world, and their fallout could cost the global economy as much as $3 trillion by 2020, according to a McKinsey & Co….
Delaware Joins List of States Regulating Data Disposal
Jason C. Gavejian writes: On January 1, 2015, Delaware employers who dispose of records which contain the unencrypted personal identifying information of employees must take steps to ensure the privacy of such information. The bill, H.B. 294, was recently signed by Delaware’s Governor Jack Markell. Delaware also enacted a companion bill, H.B. 295, in July which imposed the…