CEOs of Tech Companies Unironically Ask Congress for Federal Data Privacy Law.

Many media outlets are reporting that the CEOs of fifty-one “tech companies” have urged the US Congress to pass a federal data privacy law. The letter itself, from the Business Roundtable, an association which includes these fifty-one companies and others, notes that: There is now widespread agreement among companies across all sectors of the economy, […] read more

AG Barr Says Encryption Backdoors Are Acceptable Risk.

Attorney General William Barr – the same one who concluded that Special Counsel Robert Mueller’s report on collusion and obstruction of justice “exonerates” the sitting president (in quotations because there’s a wee bit of a controversy on whether the report actually does so; plus Barr never literally uttered the word) – gave a speech on […] read more

British Airways, Marriot To Be Fined £183m, £99m Respectively For Data Breaches.

Earlier this week, the Information Commissioner’s Office (ICO) in the UK announced that British Airways (BA) will be fined £183 million (approximately US$228 million) for a data breach. The figure represents 1.4% of the total revenue BA earned in 2018. The airline is the first major business that has been fined under the European Union’s […] read more

HIPAA Data Breach Leads To Chapter 11 Bankruptcy For American Medical Collection Agency (AMCA).

A couple of weeks ago, Quest Diagnostics and LabCorp, two companies in the medical healthcare field, announced that they had been affected by a data breach. As it turned out, the root of the actual HIPAA data breach lay with a debt collection firm, the American Medical Collection Agency (AMCA). This week, AMCA’s parent company […] read more

Data Breach at LabCorp & Quest Diagnostics Tip of the Iceberg.

This week, two companies in the healthcare sector announced that their clients were affected by an information security breach. Both LabCorp and Quest Diagnostics were affected, and their data breaches can be traced back to AMCA (American Medical Collection Agency which also does business as Retrieval-Masters Creditors Bureau), a billing collections vendor. Many are pointing […] read more

Moody’s Downgrades Equifax “Because Of Data Breach”.

Equifax had a data breach, a preventable one (or so they say *), in 2017. It was the biggest in US (and world) history, a dubious honor that could potentially be retained for a good long while. The consequences of said breach? Until last week, the answer would have been “pretty much nil.” (* As […] read more

Indiana Supreme Court To Judge If Government Can Force People To Decrypt Their Smartphones.

The issue of forced smartphone decryptions, as it pertains to Constitutionally protected rights, is gathering steam. According to various sites, Indiana’s Supreme Court will soon be listening to arguments on whether Fifth Amendment rights are being violated when the government forces suspects to unlock their encrypted smartphones (the Indiana Court of Appeals judged that it […] read more

Convicted Terrorist Steals Hard Drive in Brussels Main Justice Offices.

According to the Associated Press, a man who was convicted (and released from prison) for terrorist activities is suspected in the theft of an external hard drive from a forensic doctor’s office. The story is full of puzzling questions, including why the Belgian government is not doing an adequate job of securing their data. Motives […] read more

HIPAA Notifications Are Now Within 30 Days Since Breach If You’re In Colorado.

According to bizjournals.com, any HIPAA-covered entities that do business in Colorado will now have 30 days to notify Coloradans (or Coloradoans, if you prefer) of a data breach involving personal information, and not the customary 60 calendar days under HIPAA. The reason? A bill on data security that went into effect in September. As usual, […] read more

Leading Self-Encrypting Drives Compromised, Patched.

Earlier this week, security researchers revealed that certain SEDs (self-encrypting drives) sold by some of the leading brands in the consumer data storage industry had flaws in its full disk encryption.   Bad Implementation One of the easiest ways to protect one’s data is to use full disk encryption (FDE). As the name implies, FDE […] read more