Category Archives: cybersecurity

Swiss Privacy Shield

So…Everyone’s Been Compromised? What To Do In The Wake of the Equifax Breach

By now, you’ve probably heard that over 143 million records containing highly sensitive personal information have been compromised in the Equifax data breach. With numbers exceeding 40% of the population of the United States at risk, chances are good that you or someone you know – or more precisely, many people you know – will be affected. …

Read more »

Equifax Breach Affects 143M: If GDPR Were in Effect, What Would Be the Impact?

data breach, privacy

The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian residents had been compromised. By exploiting a website application vulnerability, hackers gained access to certain information such as names, Social Security …

Read more »

data security privacy FCC cybersecurity

SEC Observations from Recent Cybersecurity Examinations Identify Best Practices

The SEC continues to focus on cybersecurity as an area of concern within the investment management industry. On August 7, the US Securities and Exchange Commission’s (SEC’s) Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert summarizing its observations from a recent cybersecurity-related examination of 75 firms—including broker-dealers, investment advisers, and investment companies …

Read more »

greenhouse gas

Third-Party Aspects of Cybersecurity Protections: Beyond your reach but within your control

Data privacy and cybersecurity issues are ongoing concerns for companies in today’s world.  It is nothing new to hear.  By now, every company is aware of the existence of cybersecurity threats and the need to try to protect itself.  There are almost daily reports of data breaches and/or ransomware attacks.  Companies spend substantial resources to …

Read more »

Weapons in the Cyber Defense Arsenal

In May 2017, the world experienced an unprecedented global cyberattack that targeted the public and private sectors, including an auto factory in France, dozens of hospitals and health care facilities in the United Kingdom, gas stations in China and banks in Russia. This is just the tip of the iceberg and more attacks are certain …

Read more »

fingerprints biometrics

Health Care Task Force Pre-Releases Report on Cybersecurity Days Before Ransomware Attack

Last week, the Health Care Industry Cybersecurity (HCIC) Task Force (the “Task Force”) published a pre-release copy of its report on improving cybersecurity in the health care industry.  The Task Force was established by Congress under the Cybersecurity Act of 2015.  The Task Force is charged with addressing challenges in the health care industry “when …

Read more »

data security privacy FCC cybersecurity

Yesterday, #WannaCry. Today, #DocuSignPhish

Another day, another data incident.  If you use DocuSign, you’ll want to pay attention. The provider of e-signature technology has acknowledged a data breach incident in which an unauthorized third party gained access to the email addresses of DocuSign users.   Those email addresses have now been used to launch a massive spam campaign.   By using …

Read more »

data security privacy FCC cybersecurity

“WannaCry” Ransomware Attack Causes Disruption Globally – With Worst Yet to Come

A ransomware known as “WannaCry” affected 200,000 people in 150 countries over the weekend, locking computer files and demanding payment to release them. As of this morning, Australia and New Zealand users seem to have avoided the brunt of the attack, with the Federal Government only confirming three reports of Australian companies being affected.  Not …

Read more »

data security privacy FCC cybersecurity

Company Awarded Damages After Former Employee Hacks Its Systems and Hijacks Its Website

A company can recover damages from its former employee in connection with his hacking into its payroll system to inflate his pay, accessing its proprietary files without authorization and hijacking its website, a federal court ruled. Tyan, Inc. v. Yovan Garcia, Case No. CV 15-05443- MWF (JPRx) (C.D. Cali. May 2, 2017). The Defendant worked as …

Read more »

Appeal in Home Depot Data Breach Derivative Action Results in Settlement of Corporate Governance Claims

Snatching victory of a sort from the jaws of defeat, shareholders who brought a derivative action alleging that the 2014 Home Depot data breach resulted from officers’ and directors’ breaches of fiduciary duties have reached a settlement of those claims. As previously reported, that derivative action was dismissed on November 30, 2016.  That dismissal followed on the …

Read more »