Bob Diachenko reports: On March 8th, 2019, I have identified a passwordless MongoDB database that was exposing sensitive information of an estimated 6,608 VivaGym job candidates and other business related data. VivaGym is a Spanish low-cost gym franchise operating in Spain and Portugal. At the moment of the discovery, database already had a ‘WARN’ collection,…
The Lawyer’s Duty When Client Confidential Information is Hacked From the Law Firm
Anton Janik, Jr. of Mitchell, Williams, Selig, Gates & Woodyard, P.L.L.C. writes: As attorneys, our livelihood is often heavily dependent upon the keeping of secrets. But in this complex electronic-data driven environment we work in, where physical security via locked doors and piercing alarms may no longer be solely sufficient to keep client confidences from…
Settlement in 2015 UCLA Health Data Breach Class Action
Top Class Actions reports: A $7.5 million class action settlement has been reached, resolving claims that a July 2015 data breach exposed personal information stored by the UCLA Health Network. The UCLA Health class action settlement provides $2 million to pay for unreimbursed loss claims and preventative measure claims. In addition, UCLA Heath has agreed…
Ca: Shredding company denies responsibility for incident involving Grand Villa Casino cards
Aaron Hinks reports an update to an incident that does not appear to have been covered on this blog. So why am I including the update? Well, partly because it sounds like something did happen that left personal information unshredded, but also because it sounds like the earlier reporting may have impugned a firm’s reputation and…
Hartwig Moss Insurance Agency discloses data breach affecting 1,100 customers
Jennifer Larino reports: Hartwig Moss Insurance Agency, a fifth-generation New Orleans business on Canal Street, revealed Wednesday (March 20) that a data breach may have exposed personal info for roughly 1,100 customers. The breach involved basic information, including names, birthdates and driver’s license numbers, taken from the company’s insurance accounts, according to a news release….
Happy First Day of Spring! Ohio Insurance Law Effective Today
Amber Thomson, Liisa Thomas, Elfin Noce, and Kari Rollins of SheppardMullin write: Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273,applies to insurers authorized to do business in Ohio and goes into effect today, March 20,…