Healthcare, Legal News
September 07, 2023
536 views 3 mins 0

FTC Finalizes Order with 1Health.io Over Charges it Failed to Protect Privacy and Security of DNA Data and Unfairly Changed its Privacy Policy

The Federal Trade Commission finalized an order with 1Health.io that settles charges that the genetic testing firm left sensitive genetic and health data unsecured, deceived consumers about their ability to get their data deleted, and changed its privacy policy retroactively without adequately notifying consumers and obtaining their consent. In a complaint first announced in June 2023, the […]

Legal News, Europe, Malware Ransomware
September 01, 2023
1141 views 43 secs 0

FBI, European partners seize Quakbot malware network in blow to global cybercrime

U.S. officials said Tuesday that the FBI and its European partners infiltrated and seized control of a major global malware network used for more than 15 years to commit a gamut of online crimes including crippling ransomware attacks. They then remotely removed the malicious software agent — known as Qakbot — from thousands of infected […]

Legal News
September 01, 2023
1032 views 0 secs 0

Texas Amends Data Breach Notification Law, Updates Effective September 1

Texas recently enacted an amendment to its data breach notification law. As of September 1, 2023, there are two changes to the requirements when notifying the Texas Attorney General. In Texas, breaches of 250 residents or more must be reported to the Attorney General. Now, as amended, this will need to be done so as soon as […]

Commentaries and Analyses, Legal News
September 01, 2023
1075 views 7 secs 0

Should senior IT professionals be liable for breaches?

In July, SolarWinds CISO Tim Brown and CFO Bart Kalsu received Securities and Exchange Commission notices of potential enforcement action over alleged violation of securities laws. The issue stems from their response to the Russian hack of the Orion network monitoring software in 2020 — a product used by more than 30,000 organisations. This isn’t the first […]

Consumer Alerts, Legal News
August 31, 2023
1179 views 3 secs 0

A California bill under consideration could make it easier for consumers to scrub our personal data from the web. Guess who’s fighting it.

The Los Angeles Times reports that legislation being considered in California would make it easier for consumers to get every data broker to delete their personal information with just one request. Tech companies and other big businesses are fighting the bill. The bill, known as the Delete Act, faces a critical vote this Friday as […]

Legal News
August 30, 2023
502 views 59 secs 0

Broward County Declines Investigation into Admin Data Breach

The Florida county’s State Attorney’s office declined to formally investigate former Schools Superintendent Robert Runcie and two other former administrators for attempting to hide a massive March 2021 ransomware attack from the public. Broward County, Fla., prosecutors have declined to launch a formal investigation into former Schools Superintendent Robert Runcie and two other former administrators’ […]

Legal News
August 29, 2023
1180 views 42 secs 0

India Passes Digital Personal Data Protection Act

Stephen Mathias from Kochhar & Co. reports that in early August 2023, the Indian Parliament passed the Digital Personal Data Protection Act (the “Act”), bringing to a close a 5-year process to enact an omnibus data privacy law in India. The Act was ratified by the President of India and will come into effect once notified […]

Legal News
August 29, 2023
1026 views 24 secs 0

SEC Cybersecurity Rule Leans on Materiality and Reasonableness

The US Securities and Exchange Commission released its final rule, effective Sept. 5, 2023, on cybersecurity risk management, strategy, governance, and incident disclosure. Investors, registrants, and other market participants should take special notice of two key terms in the regulations: “materiality” and the “reasonable investor.” Read more at Bloomberg Law.

News, Legal News
August 29, 2023
4939 views 10 mins 0

Data Breach Notification Laws

One, in the absence of any specific law or regulation the person who was hacked is not required to notify anyone, including the people whose information was accessed, that their information was compromised.  That is why access to the below specific notification requirements is critically important. Two, if there is a requirement to notify people […]