Julian D. Perlman of BakerHostetler writes: California has moved one step closer towards amending its Constitution to create a presumption of harm whenever personal data is shared without a consumer’s express opt-in, a change that would clear a significant hurdle to many privacy breach lawsuits. On Thursday, California Secretary of State Debra Bowen approved steps…
Category: Of Note
Data Broker Hackers Also Compromised NW3C
In Part II of his latest investigative series, Brian Krebs reports: The same miscreants responsible for breaking into the networks of America’s top consumer and business data brokers appear to have also infiltrated and stolen huge amounts of data from the National White Collar Crime Center (NW3C), a congressionally-funded non-profit organization that provides training, investigative support and research…
Governor Brown signs SB 46 into law; expands California’s breach notification obligations when online account data is breached
Governor Jerry Brown signed SB 46 into law today. Dominique R. Shelton and Paul G. Martinoof of Alston & Bird had a good summary of the changes the law makes: S.B. 46 amends Section 1798.82(h) to expand the definition of “personal information” for which breach notification is required. The new law adds to the definition:…
Data Broker Giants Hacked by ID Theft Service
Brian Krebs has a must-read investigative piece about how ssndob.ms – an underground marketplace selling oodles of usable personal information (some of which we saw earlier this year on exposed.su) – gained access to major U.S. consumer and business data aggregators to obtain some of the data they were selling. LexisNexis, Dun & Bradstreet, Kroll…
This hacker might seem shady, but throwing him in jail is bad for everyone
Timothy B. Lee writes: On Friday, the U.S. government filed its brief in the appeal of Andrew “Weev” Auernheimer, who was convicted of federal hacking charges for downloading hundreds of thousands of customer e-mail addresses from AT&T’s Web site. The government says the conviction was proper, but many security researchers and civil liberties advocates argue that the…
LabMD Responds to FTC Complaint: Claims Agency Lacks Enforcement Jurisdiction
Just received this press release from Cause of Action with LabMD’s response to FTC’s complaint: Cause of Action (CoA), a government accountability organization, filed an answer to an aggressive and arbitrary enforcement action brought by the Federal Trade Commission (FTC) against LabMD, a small cancer diagnosis company. CoA is defending LabMD against a complaint brought by the FTC in…