Of Note – Page 637 – DataBreaches.Net

Canada: Stolen Customer Data Results In Ontario’s First Certified Privacy Class Action

Posted on June 18, 2014 by Dissent

Michael J. Paris of Bennett Jones LLP writes: Businesses that collect personal information have an added incentive to monitor employees handling customer data – Ontario’s first class action arising from the new tort of “intrusion upon seclusion” was certified last week.1 In Evans v Bank of Nova Scotia, the plaintiffs sought to certify a class action…

Privacy advocate files complaint with FTC over Maricopa County Community College District data breach

Posted on June 16, 2014 by Dissent

The 2013 breach at Maricopa County Community College District (MCCCD) in Arizona affected approximately 2.5 million faculty, staff, vendors, and students, making it the largest breach involving student information ever reported by a U.S. institution of higher education. A complaint by this privacy advocate alleges violations of the Safeguards Rule. Having researched and reported on breaches for about…

AU: Review blames Immigration for data breach exposing 10,000 detainees

Posted on June 12, 2014 by Dissent

Paul Farrell and Oliver Laughland report: A major data breach that exposed the personal details of almost 10,000 people in detention was caused by Immigration Department failures to check and approve documents for web publication, an independent review has found. The report by management consultants KPMG, which was published on Thursday, reveals that the document containing…

So how’s 2014 going, you ask? Not well, not well…..

Posted on June 9, 2014 by Dissent

Risk Based Security and Open Security Foundation have released a report for Q1 of 2014. The first bullet gives a good indication of what kind of year 2014 is turning out to be: There were 669 incidents reported during the first three months of 2014 exposing 176 million records. Of especial interest to me were…

New resource to help merchants understand PCI-DSS compliance

Posted on June 7, 2014 by Dissent

Back in 2010, while blogging about a POS breach at a small merchant, I noted that small merchants and Mom and Pop outfits weren’t getting enough information and support to be PCI-DSS compliant. One of my main resources for breaches in the hospitality sector has been Charles Hoff, JD, MBA. Charles has extensive experience representing…

INFORMATION SECURITY: Agencies Need to Improve Cyber Incident Response Practices – GAO

Posted on May 31, 2014 by Dissent

From the highlights of a newly released GAO report: Twenty-four major federal agencies did not consistently demonstrate that they are effectively responding to cyber incidents (a security breach of a computerized system and information). Based on a statistical sample of cyber incidents reported in fiscal year 2012, GAO projects that these agencies did not completely…