The once prestigious 40-year law firm Mossack Fonseca, infamously known for its data breach that revealed the Panama Papers, is closing at the end of the month. The reason, in its words: “The reputational deterioration, the media campaign, the financial siege and the irregular actions of some Panamanian authorities have caused irreparable damage, whose obligatory … Continue reading Do data breaches have consequences? Law firm closes due to irreparable damages to its reputation
There has been a data breach emanating from the U.S. Marine Corps Forces Reserve that impacted 21,426 individuals. The breach exposed their sensitive personal information such as truncated social security numbers, bank electronic funds transfer and bank routing numbers, truncated credit card information, mailing address, residential address and emergency contact information. Calm down and press the … Continue reading Marine corp data breach lesson: human error is often the cause and is preventable
What is "reasonable cybersecurity" and how do courts view "reasonable cybersecurity"? See KnowB4's discussion of these interviews These are two excellent questions that I was asked and I answered, as succinctly as I could, in two short interviews with SecureWorld. Tell me what you think about my answers. What Is Reasonable Cybersecurity? - SecureWorld article … Continue reading What is “reasonable cybersecurity” and how do courts view it? (SecureWorld interviews)
Uber's Chief Information Security Officer (CISO), John Flynn, made a case for a uniform national data breach notification law in his testimony to members of Congress (see penultimate paragraph of full written testimony): I would like to conclude by stating that we strongly support a unified, national approach to data security and breach standards. We are … Continue reading Uber’s CISO Makes Case for Uniform National Data Breach Notification Law
The push for a single uniform national data breach notification law gained strength in the wake of the Equifax breach. Now proposed legislation in North Carolina would amend its law in a way that would add momentum to this push. And, now South Dakota is tired of being one of only two states without a … Continue reading State data breach notification law mishmash would get worse with proposed NC and SD legislation — is instant notification by clairvoyant next?