Did you hear the one about the major credit reporting agency that not only had two hacks this year that have impacted the majority of the population, but then they directed consumers to a fake phishing site? Yeah, that one. So at this point, I think it’s pretty clear that the Equifax breach will go…
Category: U.S.
California Court Weighs in on the FTC’s Data Security Enforcement Authority
Kade N. Olsen and Craig A. Newman report on a court opinion in the D-Link case – a case that addresses some of the issues also raised in LabMD vs. FTC: Yesterday, a District Court in Northern California weighed in on the U.S. Federal Trade Commission’s (FTC) authority to protect consumers from “unfair” and “deceptive”…
Did a media blackout on reporting on TheDarkOverlord allow them to mushroom in the dark?
By the end of 2016, a number of journalists and/or their employers had made an ethical decision not to report on hacks and in-progress extortion attempts by TheDarkOverlord. But did the lack of coverage enable the criminals to expand their operations without any public attention or public pressure on law enforcement to pursue them aggressively? …
Court dismisses lawsuits over OPM data breach
The Hill reports: A District of Columbia court has dismissed two lawsuits over the Office of Personnel Management (OPM) data breach disclosed in 2015. The American Federation of Government Employees, the largest federal workers union, filed the class action lawsuit against the OPM in June 2015, alleging that the breaches stemmed from gross negligence on the…
OH: Medical Mutual Provides Notice of Data Incident
Medical Mutual of Ohio (Medical Mutual) is taking action after recently discovering that an email containing personal information belonging to a portion of its Medicare Advantage members was inadvertently sent to an incorrect email address. Read more on Northwest Signal (sub. req.)
Equifax admits it had another breach 5 months before the one it disclosed
Michael Riley , Anita Sharpe , and Jordan Robertson report: Equifax Inc. learned about a major breach of its computer systems in March — almost five months before the date it has publicly disclosed, according to three people familiar with the situation. In a statement, the company said the March breach was not related to…