Category: Of Note

David Nosal sentenced; case narrowed the definition of “exceeding authorized access” under CFAA (update1)

Posted on by Dissent

I’ve been following the David Nosal case on this blog since April 2011, when the Ninth Circuit held that an employee who violates his employer’s computer use policy is guilty of “exceeding authorized access” to the employer’s computer under the federal anti-hacking statute, CFAA.  In June 2011, Nosal filed a petition for rehearing en banc (see…

Read more

Drowning in breach reports today…

Posted on by Dissent

Today, HHS added 37 incidents to its public breach tool, which I’ve summarized over on phiprivacy.net (here and here).  But it looks like I can’t catch a break,  as the Maryland Attorney General’s Office also updated its breach tool.  So here are some more breaches I did not previously know about, with links to their…

Read more

This was all too predictable…

Posted on by Dissent

Remember how I posted about how some frustrated researchers at Gibson Security had gone public with a SnapChat vulnerability that the firm allegedly hadn’t addressed? Well, now it seems 4.6 million SnapChat users’usernames and phone numbers have been leaked.

Read more

Accretive Health Settles FTC Charges That It Failed to Adequately Protect Consumers’ Personal Information

Posted on by Dissent

From the FTC, a follow-up on a breach that was first disclosed in September 2011, and that I’ve covered a number of times on PHIprivacy.net (see these articles). Regular readers may recall that Accretive was also sued by Minnesota’s Attorney General.  That suit settled for $2.5 million in July 2012.  Accretive Health, Inc., a company that…

Read more