I’ve been reading a number of analyses and commentaries on the First Circuit’s ruling in the Hannaford Bros data breach case. While some people have described the ruling as a “potential game-changer,” Venkat Balasubramani provides a less optimistic analysis of what the decision may portend. As a recap, most of the plaintiffs’ claims have been…
Category: Of Note
Swedish password hacking scandal widens
A password hacking scandal which on Tuesday exposed login details of 90,000 Swedes, including several journalists and celebrities, has widened to include 180,000 users on nearly 60 websites. On Tuesday, information about more than 90,000 account passwords associated with the popular Swedish blogging site Bloggtoppen.se, was made public on the Twitter account of former Sweden…
Federal Appeals Court Holds Identity Theft Insurance/Credit Monitoring Costs Constitute “Damages” in Hannaford Breach Case
I posted something on this decision earlier today, but David Navetta has such a helpful analysis of the ruling that I wanted to mention it here. His commentary begins: In a significant development that could materially increase the liability risk associated with payment card security breaches (and personal data security breaches, in general), the U.S. Court…
‘Contract worker stole all Israelis’ personal information’ (updated)
Okay, this is not a great headline to wake up to. The Jerusalem Post reports: Information was used to create searchable database with sensitive information of every Israeli, living and deceased; computer technician put the database on the Internet for anyone in the world to access. A contract worker from the Ministry of Labor and…
UK: Data breaches ‘up 58%’
Matt Warman reports: Data security breaches have risen by 58 per cent in the last year, the Information Commissioner has revealed. Christopher Graham said that although businesses are taking the protection of their customers’ data more seriously, in fact more breaches were being reported and fewer than half of all individuals believe companies treat personal…
SEC guidance about coming clean about data breaches
Emma Woollacott reports: The Securities and Exchange Commission (SEC) has ordered companies to disclose security breaches, following a year in which several organizations have been criticized for revealing details late, if at all. “Cyber incidents may result in losses from asserted and unasserted claims, including those related to warranties, breach of contract, product recall and…