CEOs of Tech Companies Unironically Ask Congress for Federal Data Privacy Law.

Many media outlets are reporting that the CEOs of fifty-one “tech companies” have urged the US Congress to pass a federal data privacy law. The letter itself, from the Business Roundtable, an association which includes these fifty-one companies and others, notes that: There is now widespread agreement among companies across all sectors of the economy, […] read more

Georgia Supreme Court To Decide Precedent-Setting Data Breach Case.

According to ajc.com, lawyers argued last week, in front of Georgia’s Supreme Court justices, whether the threat of future harm to data breach victims is enough to receive compensation or if actual financial losses are necessary. This is a far cry from years past, when courts used to toss out data breach lawsuits for lack […] read more

Laptop With Medical Info Missing From University of Hong Kong.

According to scmp.com, the University of Hong Kong has lost a laptop computer containing medical information on more than 3,600 people. Apparently, the laptop computer was not secured with full disk encryption software; and yet, 901 patients’ data was cryptographically protected independently. Police are currently investigating the situation. Massive Data Breach This latest episode has […] read more

British Airways, Marriot To Be Fined £183m, £99m Respectively For Data Breaches.

Earlier this week, the Information Commissioner’s Office (ICO) in the UK announced that British Airways (BA) will be fined £183 million (approximately US$228 million) for a data breach. The figure represents 1.4% of the total revenue BA earned in 2018. The airline is the first major business that has been fined under the European Union’s […] read more

HIPAA Data Breach Leads To Chapter 11 Bankruptcy For American Medical Collection Agency (AMCA).

A couple of weeks ago, Quest Diagnostics and LabCorp, two companies in the medical healthcare field, announced that they had been affected by a data breach. As it turned out, the root of the actual HIPAA data breach lay with a debt collection firm, the American Medical Collection Agency (AMCA). This week, AMCA’s parent company […] read more

Data Breach at LabCorp & Quest Diagnostics Tip of the Iceberg.

This week, two companies in the healthcare sector announced that their clients were affected by an information security breach. Both LabCorp and Quest Diagnostics were affected, and their data breaches can be traced back to AMCA (American Medical Collection Agency which also does business as Retrieval-Masters Creditors Bureau), a billing collections vendor. Many are pointing […] read more

“Lack of Harm” Doesn’t Prevent Zappos Lawsuit From Going Forward.

The US Supreme Court has rejected an appeal from Zappos regarding a lawsuit brought forth by customers. In 2012, the famed online shoe store (and Amazon subsidiary) announced it had suffered a data breach where approximately 24 million people were affected. Unsurprisingly, lawsuits were filed. Zappos has been arguing ever since that the lawsuits have […] read more

Canada NWT Laptop Not Encrypted Because It’s “Very Difficult To Encrypt”.

Approximately two weeks ago, Canada’s cbc.com reported on the theft of a government laptop with promises of more articles on the same in the weeks to come. Earlier this week, the last article was posted. The story is a doozy. To summarize, an employee with the Department of Health and Social Services (Northwest Territories, Canada) […] read more

Scathing Government Report Concludes 2017 Equifax Breach Entirely Preventable.

This week, the US government published a report on the massive data breach Equifax experienced last year.  The overall conclusion shared by the House Oversight and Government Reform Committee is that the data breach – the largest one todate in US history and the foreseeable future – was entirely preventable.  However, as one reads through […] read more

HIPAA Notifications Are Now Within 30 Days Since Breach If You’re In Colorado.

According to bizjournals.com, any HIPAA-covered entities that do business in Colorado will now have 30 days to notify Coloradans (or Coloradoans, if you prefer) of a data breach involving personal information, and not the customary 60 calendar days under HIPAA. The reason? A bill on data security that went into effect in September. As usual, […] read more