On July 22, 2019, the FTC announced that Equifax agreed to pay at least $575 million, and potentially up to $700 million, as part of a global settlement agreement with the FTC, the CFPB, and 50 U.S. states and territories to resolve investigations into the colossal data breach the company suffered in 2017. This is the largest data breach settlement in U.S. history.
Continue Reading
Hacker
Washington AG Settles with Premera on Behalf of Multistate Coalition
Posted on
On July 11, 2019, Washington Attorney General Bob Ferguson announced that his office had entered into a consent decree and $10 million settlement with Premera Blue Cross (“Premera”) that stems from a 2014-2015 breach that affected more than 11 million individuals. The settlement, which includes a payment of roughly $5.4 million to Washington state and $4.6 million to a coalition of 29 other state Attorneys General (the “Multistate AGs”), is one of the largest ever for a breach involving protected health information (“PHI”) and comes just one month after another notable HIPAA settlement involving a similar coalition of state AGs.
…
Continue Reading
FTC Settles with Two Online Operators for Failing to Secure Customers’ Data
Posted on
On April 24, 2019, the Federal Trade Commission announced two data security cases involving online operators that were alleged to have failed to take reasonable steps to secure consumers’ data, which allowed hackers to breach both websites.…
Continue Reading
EU Recalls Children’s Smartwatch Over Security Concerns
Posted on
The European Commission has issued an EU-wide recall of the Safe-KID-One children’s smartwatch marketed by ENOX Group over concerns that the device leaves data such as location history, phone and serial numbers vulnerable to hacking and alteration.…
Continue Reading
Reported Cyber Attacks on U.S. Electric Utilities and Government Agencies
Posted on
Posted in Cybersecurity, Information Security
Hundreds of contractors and subcontractors with connections to U.S. electric utilities and government agencies have been hacked according to a recent report by the Wall Street Journal.…
Continue Reading
CNIL Fines Uber for Data Security Failure Related to 2016 Data Breach
Posted on
On December 20, 2018, the CNIL announced that it imposed a fine of €400,000 on Uber France SAS for failure to implement some basic security measures which resulted in the 2016 Uber data breach.…
Continue Reading
DOJ Accuses Iranian Nationals of “Brazen Cyber Assault” on Universities and Government Agencies
Posted on
Posted in Cybersecurity, U.S. Federal Law
The U.S. Department of Justice has unsealed an indictment accusing nine Iranian nationals of engaging in a “massive and brazen cyber assault” against at least 176 universities, 47 private companies and 7 government agencies and non-governmental organizations, including the Federal Energy Regulatory Commission. …
Continue Reading
FTC Posts Fourth Blog in Its “Stick with Security” Series
Posted on
Posted in Cybersecurity, Information Security
On August 11, 2017, the Federal Trade Commission published the fourth blog post in its “Stick with Security” series, which examines five effective security measures companies can take to safeguard their computer networks.…
Continue Reading
OCR and Health Care Industry Cybersecurity Task Force Publish Cybersecurity Materials
Posted on
The U.S. Department of Health and Human Services’ Office for Civil Rights and the Health Care Industry Cybersecurity Task Force have published important materials addressing cybersecurity in the health care industry. This blog entry provides highlights on these materials.…
Continue Reading
SEC Charges Chinese Traders with Trading on Information Stolen from Law Firms
Posted on
On December 27, 2016, the Securities and Exchange Commission announced charges against three Chinese traders who allegedly made almost $3 million in illegal profits by fraudulently trading on nonpublic information that had been hacked from two New York-based law firms.…
Continue Reading