Header image

FTC vs. LabMD hearing starts

Posted on by Dissent

Opening statements were held today in FTC vs. LabMD, one of only two data security enforcement cases  that have not resulted in a consent order to settle charges. FTC attorney Alain Sheer provided the overview of the FTC’s complaint, alleging that LabMD failed to have a reasonable and appropriate data security program. He was only just into his…

Read more

Additional details on Los Robles Hospital breach

Posted on by Dissent

On May 10, I had noted a breach involving Los Robles Hospital and Medical Center in Thousand Oaks, California. HHS’s public breach tool had indicated that an incident involving their business associate, Courier Express, had resulted in the notification of 2,523 patients. A hospital spokesperson kindly called me to respond to the e-mail inquiry I had…

Read more

Court Ventures/U.S. Info Search/Experian breach tied to more cases of ID theft

Posted on by Dissent

Trot on over to KrebsOnSecurity.com, where Brian’s connecting the dots between a number of criminal prosecutions and Ngo, the Vietnamese national who posed as a Singapore investigator to get a Court Ventures account that gave him access to reports in U.S. Info Search’s database. Experian subsequently acquired Court Ventures, and Ngo’s account was allowed to continue…

Read more

The MCCCD breach: Breach costs now approach $20 million

Posted on by Dissent

Mary Beth Faller reports that breach costs for the Maricopa County Community College District (“MCCCD”) breach continue to rise: The Maricopa County Community College District governing board has approved an additional $2.3 million in lawyers’ fees to deal with the computer-security breach that occurred last year. The board also approved spending $300,000 to deal with…

Read more