Israel Introducing Data Breach Notification Law.

It was reported last week that Israel introduced mandatory data security and breach notification requirements into its law books. The law is expected to go into full effect next year. Business of all types – be they global, multinational companies or the barber shop down the street – will be affected by the new regulations. […] read more

New Mexico Now Has A Data Breach Notification Bill.

New Mexico will be the latest US state to add a data breach notification law to its books. Once the bill officially becomes a law, only two states – Alabama and South Dakota – will remain outsiders to the crazy idea that people should be notified if their personal data is hacked. You can read […] read more

WikiLeaks Shows That Encryption Works, Even Against Spooks.

Last week, the world saw another bombshell announcement from WikiLeaks. Per their tweets and resulting confidential data dump, it was readily apparent that the CIA had amassed techniques for breaking into many kinds of digital devices imaginable: smartphones and computers, yes, but also things connected to the internet, like smart TVs (perhaps they’ve looked into […] read more

Horizon BCBSNJ HIPAA Charge Over Two Laptops Settled For $1.1 Million.

Horizon Blue Cross Blue Shield of New Jersey (Horizon BCBSNJ) has settled a data breach that affected approximately 690,000 New Jersey residents. This data breach was noted on this blog not too long ago: In January, the Third Circuit Appellate Court declared that a lawsuit against the insurer could proceed because the “improper disclosure” of […] read more

UK Encryption: Royal & Sun Alliance Insurance Fined £150,000 For Stolen Hard Drive.

The UK’s Information Commissioner’s Office (ICO) has fined an insurance company, Royal & Sun Alliance (RSA), a total of £150,000 for the theft of an external storage device with information on nearly 60,000 clients (and credit card details for 20,000 people).   Stolen From a Locked Room Unlike your run-of-the-mill hard drive theft cases, there […] read more

Laptop Encryption: Chesapeake Public Schools Laptop Theft Affects Over 10,000 Employees.

According to a couple of sources, Chesapeake Public Schools in Virginia is notifying employees about a potential data breach. Per their announcement, nearly 11,000 people could be affected by the theft of a laptop computer. It appears that laptop encryption software was not used to protect the contents. Password protection, however, was used. Assuming that […] read more

UMass Amherst Settles HIPAA Violation for $650,000 and Corrective Action.

In 2003, the University of Massachusetts – Amherst (UMass Amherst) was embroiled in a health data security breach. A workstation computer was infected with malware, leading to a HIPAA violation involving patient data for 1,670 people. Skip to three years later, and UMass Amherst has settled legal actions related to the breach, brought by the […] read more

Data Breach Reparations: Still Evolving, Consumers Begin To See Glimmers.

According to idtheftcenter.org, the US has seen over 858 data breaches that involved over 29 million records in 2016 (to be more specific, up until November 8). The list of breaches does not include those that go unreported, for obvious reasons, as well as those that weren’t vetted by credible sources like state Attorney General […] read more

Habitat For Humanity Data Breach Affects 5000+ People.

Habitat for Humanity, the charity that builds affordable housing across the globe for the underprivileged, was found to be leaking sensitive information online, according to dailydot.com. Over 400 gigabytes of information – including detailed information on approximately 4,600 people – was left unsecured in the cloud. (More specifically, it was Habitat for Humanity Michigan.) The […] read more

Cloud Services: Will It Be There When You Need It?.

How much should you (or can you) trust the cloud to be there when you need it? Last week, the top US internet sites went dark, on and off, for a couple of hours or so due to a historically unprecedented denial of service attack (DDoS). Over the past week, we’ve learnt that the assault […] read more