Data Breach at LabCorp & Quest Diagnostics Tip of the Iceberg.

This week, two companies in the healthcare sector announced that their clients were affected by an information security breach. Both LabCorp and Quest Diagnostics were affected, and their data breaches can be traced back to AMCA (American Medical Collection Agency which also does business as Retrieval-Masters Creditors Bureau), a billing collections vendor. Many are pointing […] read more

Verizon Tries To Settle Yahoo Data Breach For the Second Time.

Verizon, which acquired Yahoo in 2016 and renamed the business twice since (Oath, followed by Verizon Media), is attempting to settle the massive data breach the purple company admitted to shortly before being bought out. In January of this year, a settlement of $50 million was rejected by Judge Koh of the US District Court […] read more

“Lack of Harm” Doesn’t Prevent Zappos Lawsuit From Going Forward.

The US Supreme Court has rejected an appeal from Zappos regarding a lawsuit brought forth by customers. In 2012, the famed online shoe store (and Amazon subsidiary) announced it had suffered a data breach where approximately 24 million people were affected. Unsurprisingly, lawsuits were filed. Zappos has been arguing ever since that the lawsuits have […] read more

Canada NWT Laptop Not Encrypted Because It’s “Very Difficult To Encrypt”.

Approximately two weeks ago, Canada’s cbc.com reported on the theft of a government laptop with promises of more articles on the same in the weeks to come. Earlier this week, the last article was posted. The story is a doozy. To summarize, an employee with the Department of Health and Social Services (Northwest Territories, Canada) […] read more

California Looking To Label Biometric Data As “Personal Information”.

California was the first state in the US to pass a data breach notification law, all the way back in 2003. In the intervening fifteen years, all states have passed similar laws. The federal government has repeatedly attempted to pass one as well, so far without success. The need for federal legislation, one that would […] read more

Indiana Supreme Court To Judge If Government Can Force People To Decrypt Their Smartphones.

The issue of forced smartphone decryptions, as it pertains to Constitutionally protected rights, is gathering steam. According to various sites, Indiana’s Supreme Court will soon be listening to arguments on whether Fifth Amendment rights are being violated when the government forces suspects to unlock their encrypted smartphones (the Indiana Court of Appeals judged that it […] read more

Judge Says Biometric Locks Protected By 5th Amendment.

The battle over privacy in the digital age ratcheted up last week. According to a California judge, the Fifth Amendment – the right not to incriminate oneself – protects people from being forced to bypass a smartphone’s encryption via the use of irises, fingerprints, facial recognition, and other similar methods. Obviously, this means a warrant […] read more

HIPAA Notifications Are Now Within 30 Days Since Breach If You’re In Colorado.

According to bizjournals.com, any HIPAA-covered entities that do business in Colorado will now have 30 days to notify Coloradans (or Coloradoans, if you prefer) of a data breach involving personal information, and not the customary 60 calendar days under HIPAA. The reason? A bill on data security that went into effect in September. As usual, […] read more

Leading Self-Encrypting Drives Compromised, Patched.

Earlier this week, security researchers revealed that certain SEDs (self-encrypting drives) sold by some of the leading brands in the consumer data storage industry had flaws in its full disk encryption.   Bad Implementation One of the easiest ways to protect one’s data is to use full disk encryption (FDE). As the name implies, FDE […] read more

Anthem, Yahoo To Shell Out Additional Money Over Data Breaches.

This week saw additional headaches for two US companies involved in major data breaches (we’re talking top ten in US history to date). Yahoo, now a part of Verizon, has agreed to settle a lawsuit for $50 million. In addition, Anthem, Inc. – the Indiana-based BlueCross BlueShield insurance company – has agreed to settle HIPAA […] read more