Category: Data Breach


Cyber Risk Update for Construction Companies

Scammers are always seeking new ways to target victims for Business Email Compromise (BEC) scams, where they leverage email to try to convince you to give them credentials, send them confidential information like W2s, send them money by changing things like direct deposit instructions, or give any other data that can help them profit from … Continue Reading

Achieving Industry Standards

For Cybersecurity and Privacy, “What Are the Industry Standards? Are We Meeting Them?” These are questions the FTC Chairman, Joseph Simons, strongly suggested a CEO must ask before a data breach occurs to avoid the prospect of personal liability. These questions and statements by other commissioners emphasizing the FTC’s role – to bring about a … Continue Reading

HHS Issues Practical New Cybersecurity Guidance for Healthcare Businesses of all Sizes

In late January, the U.S. Department of Health and Human Services’ Healthcare & Public Health Sector Coordinating Council issued a new cybersecurity guidance document for healthcare businesses of all sizes. The guidance document, entitled “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” available at https://www.phe.gov/Preparedness/planning/405d/Pages/hic-practices.aspx, provides concrete and practical guidance for addressing what the … Continue Reading

Anthem Pays OCR $16 Million in Record-Breaking HIPAA Data Breach Settlement

The Office of Civil Rights (OCR) announced in a press release this week that Anthem, Inc. (Anthem), one of the nation’s largest health benefit companies, has agreed to pay $16 million and take substantial corrective action to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules. This settlement … Continue Reading

When was the last time you looked at RDP access?

A presentation at Black Hat recently revealed that the creators of the “SamSam” ransomware have netted over $6M to date, attacking mostly medium-to-large public and private sector organizations. And they’re showing no signs of slowing down. In the most recent SamSam attacks, the attackers concentrated their efforts on brute-force hacking of weak passwords on devices accessible … Continue Reading

CNIL’s GUIDANCE FOR PROCESSORS – ANSWERS TO YOUR MOST PRESSING QUESTIONS

See European Regulation on the Protection of Personal Data Guide Sub-Contractor Edition, September 2017. Are you a contractor within the meaning of European Regulation on data protection? Are you subject to EU regulation on data protection? What is the main change introduced by the European regulation for contractors? What are your obligations as of May … Continue Reading

Should I Place A Fraud Alert vs. Security Freeze?

Should I Place A Fraud Alert vs. Security Freeze? As a privacy professional, almost all your fellow employees were affected by the Equifax data breach. You may be asked about whether to place a fraud alert or a security freeze. You can send this guidance from the FTC on the difference between fraud alerts and … Continue Reading

Yawn – Another Company Failed to Patch. Wait! 144 Million Affected?

Yawn – Another Company Failed to Patch. Wait! 144 Million Affected? A PR Disaster? Failure to promptly patch is an incredibly common cause of data breaches. Learn from Equifax’s situation about patching and communication. Boards, Senior Management and privacy personnel should confirm that patches are applied promptly. Also, when breaches occur, hire and listen to … Continue Reading