Hunton Andrews Kurth reports: On September 7, 2018, the New Jersey Attorney General announced a settlement with data management software developer Lightyear Dealer Technologies, LLC, doing business as DealerBuilt, resolving an investigation by the state Division of Consumer Affairs into a data breach that exposed the personal information of car dealership customers in New Jersey…
Another security breach at Grindr reveals users’ exact location
Tom Capon reports: Grindr’s security issues are once again in the spotlight as a third party app pinpointed users’ exact location. Despite constant reassurances from the app about the difficulties of exploiting their location technology, the latest security breach revealed how malicious parties can locate users. Discovered by blog Queer Europe, they used a third-party…
In a Data-Breach Lawsuit, Can Plaintiffs Use a Company’s Data Breach Notice to Establish Standing?
Alex M. Pearce of Ellis & Winters LLP writes: ….. When a business suffers a data breach, state laws require the business to send a notice to affected individuals. Those laws typically prescribe the contents of the required notice—sometimes in detail. North Carolina’s data breach notification statute, for instance, requires the notice to include “[a]dvice…
State Department email breach exposed employees’ personal information
Eric Geller and Nahal Toosi report: The State Department recently suffered a breach of its unclassified email system, and the compromise exposed the personal information of a small number of employees, according to a notice sent to the agency’s workforce. State described the incident as “activity of concern … affecting less than 1% of employee…
Hackers selling research phished from universities on WhatsApp
Lisa Vaas reports: Iranian hackers have reportedly breached top British universities – including Oxford and Cambridge – to steal what the Telegraph says are “millions” of papers and academic research documents that they then put up for sale via WhatsApp and websites. The publication reported on Friday that much of the subject matter is bland,…
PA: Independence Blue Cross and subsidiaries notifying members whose PHI was mistakenly exposed on public web site
John George reports: Independence Blue Cross and its subsidiaries AmeriHealth HMO and AmeriHealth Insurance Co. of New Jersey have alerted certain members of a recent incident involving a potential privacy issue related to protected health information. […] “We quickly launched an investigation to determine the nature and scope of this incident, working with a leading…