A new article is available for download on SSRN: Verstraete, Mark and Zarsky, Tal, Optimizing Breach Notification (July 14, 2020). University of Illinois Law Review, Vol. 2021, Available at SSRN: https://ssrn.com/abstract=3650724 Abstract Maintaining data security is a crucial social objective in the digital age. An emerging strategy to ensure adequate security is through breach notification laws,…
Some Cub Pharmacies in Minnesota report breaches due to looters
Cub Pharmacies is the fourth chain I’ve seen that is reporting some theft of protected health information related to looters during protests in May. But when you read the descriptions of these events — these not just protesters protesting. These people intentionally stole patient data and records. For what political protest purpose? None that I…
Tampa teen arrested in hack of Twitter accounts of Obama, Bill Gates and others (Updated with DOJ Press Release)
Josh Fiallo and Peter Talbot report: A 17-year-old Tampa man was arrested Friday morning after the Federal Bureau of Investigation and the U.S. Department of Justice discovered he was behind an extensive Twitter hack, which temporarily gave him access to the accounts of Bill Gates, Barack Obama and many others. Graham Ivan Clark, 17, was arrested…
Some potential victims of PaperlessPay breach are first finding out about the breach now
At the end of April, this site reported a breach at PaperlessPay that put its clients’ employees at risk of tax refund fraud and identity theft. As reported at the time, PaperlessPay had been contacted by Homeland Security on February 19 to alert them that someone was offering access to their clients’ data for sale…
After ransomware attack, legal services company Epiq faces California privacy lawsuit
Sara Merken reports: Lawyers for Epiq Systems Inc have removed a lawsuit to federal court that alleges the legal services provider failed to adequately protect personal information under California’s consumer privacy law. Read more on Reuters.
NZ: Kiwibank breach ‘significant’ – Privacy Commissioner
Kiwibank is investigating how it sent 4200 customers an email or online bank statement with their own account number, name and address, but another person’s transaction history. The commissioner, John Edwards, said some people will be identifiable by the statements and information sent. Read more on RNZ.