Consumer Protection and Data breaches - Cyber Security Informer

Congressional Report on the 2017 Equifax Data Breach

Schneier on Security

DECEMBER 19, 2018

Here is my testimony before before the House Subcommittee on Digital Commerce and Consumer Protection last November. It's a great piece of writing, with a detailed timeline, root cause analysis, and lessons learned. Lance Spitzner also commented on this.

Data breaches

Data breaches Consumer Protection Government Hacking

Interview With Michael Bruemmer, Vice President of Experian Data Breach Resolution Group and Consumer Protection

SecureBlitz

APRIL 12, 2024

In this interview, we sat down with Michael Bruemmer, Vice President of Experian Data Breach Resolution Group and Consumer Protection, to learn more about cyber threats and how primary internet users can protect themselves. Experian is the world’s leading global information services company.

Consumer Protection

Consumer Protection Data breaches Identity Theft Cyber threats

CafePress faces $500,000 fine for data breach cover up

Malwarebytes

MARCH 16, 2022

The US Federal Trade Commission (FTC) has announced that it took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and covered up a major breach. CafePress has already settled with seven US states as a result of this data breach.

Data breaches

Data breaches Passwords Authentication Social Engineering

Uber agrees to pay $148 million in massive 2016 data breach settlement

Security Affairs

SEPTEMBER 26, 2018

Uber agrees to $148 million settlement with US States and the District of Columbia over the massive 2016 data breach that exposed personal data of 57 million of its users. The hackers tried to blackmail Uber and demanded $100,000 from the company in exchange for avoiding publish the stolen data. Pierluigi Paganini.

Data breaches

Data breaches Consumer Protection Advertising Hacking

Robocall Legal Advocate Leaks Customer Data

Krebs on Security

AUGUST 3, 2020

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.

Mobile

Mobile Marketing Consumer Protection Wireless

Experian, T-Mobile Pay Up in Multimillion-Dollar Data Breach Settlements

Dark Reading

NOVEMBER 9, 2022

Massachusetts Attorney General announced settlements across multiple states for damages from Experian's 2012 and 2015 breaches that violated consumer protection and notification laws.

Data breaches

Data breaches Consumer Protection Mobile

Tips for Choosing a Pentesting Company

The Hacker News

OCTOBER 31, 2022

In today's world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. But what should you look for when choosing the right provider?

Penetration Testing

Penetration Testing Consumer Protection Data breaches Hacking

12 Online Resolutions for 2021

Adam Levin

DECEMBER 16, 2020

Do your homework and find a VPN service with a solid reputation for their privacy, security, and data retention policies. Unfortunately, this means that a single poorly-secured personal device can lead to a large-scale data breach. Always check your credit for new accounts or unusual activity.

VPN

VPN Antivirus Passwords Backups

Non-Bank Financial Firms Are to Report Breaches in Less Than 30 Days

Heimadal Security

NOVEMBER 1, 2023

Federal Trade Commission (FTC) requires all non-banking financial institutions to report data breaches to FTC within 30 days. The amendment to the Safeguard Rule refers to security incidents that impact more than 500 people.

Banking

Banking Consumer Protection Data breaches Cybersecurity

GUEST ESSAY: A primer on best practices for automating supply chain cybersecurity

The Last Watchdog

OCTOBER 16, 2023

They point out how supply chains rely on software yet lack the security tools to protect them. Data breaches exposed over 37 billion records in 2020 alone — a 141% jump from 2019. Businesses must automatically secure their supply chains to protect themselves and comply with consumer-protection laws.

Cybersecurity

Cybersecurity Cyber Attacks Artificial Intelligence Technology

Me on the Equifax Breach

Schneier on Security

NOVEMBER 8, 2017

Hearing on "Securing Consumers' Credit Data in the Age of Digital Commerce". Subcommittee on Digital Commerce and Consumer Protection. Mister Chairman and Members of the Committee, thank you for the opportunity to testify today concerning the security of credit data. Before the. Committee on Energy and Commerce.

Computers and Electronics

Computers and Electronics Identity Theft Internet Internet

New Mexico Becomes 48th State To Enact Data Breach Notification Law

Privacy and Cybersecurity Law

MAY 2, 2017

On April 6, 2017, New Mexico became the 48th state to enact a data breach notification law, leaving Alabama and South […].

Data breaches

Data breaches Consumer Protection

Tennessee Adds New Encryption And Timing Requirements To Its Data Breach Notification Law

Privacy and Cybersecurity Law

APRIL 28, 2017

On April 4, 2017, Tennessee Governor Bill Haslam signed into law an amendment to the state’s data breach notification law, making two […].

Data breaches

Data breaches Encryption Consumer Protection Government

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. Health data and patient data in the U.S. Financial Data Protection Laws. In the U.S.,

Data privacy

Data privacy Encryption Data breaches Insurance

SiteLock’s Top Five Cybersecurity Predictions For 2020

SiteLock

AUGUST 27, 2021

It’s safe to say that the volume and magnitude of high-profile data breaches and ransomware attacks that punctuated 2019 really kept the cybersecurity industry on its toes. Data breaches stole numerous headlines this year, including the notable Capital One breach that exposed more than 100 million customers’ accounts.

Cybersecurity

Cybersecurity Phishing Data breaches IoT

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

Then in mid-January, Jim heard from MSF via snail mail that they’d discovered a data breach. Jim said MSF ultimately agreed that the loan wasn’t legitimate, but they couldn’t or wouldn’t tell him how his information got pushed through to a loan — even though MSF was never able to pull his credit file.

Financial Services

Financial Services Banking Accountability Identity Theft

CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack

Malwarebytes

JULY 23, 2021

Two months after fully restoring its systems, CNA Financial, the leading US insurance company that was attacked by a group using Phoenix CryptoLocker ransomware, issued a legal notice of an information security incident to the Consumer Protection Bureau in New Hampshire. Phoenix posed as a browser update.

Ransomware

Ransomware Unstructured Data Accountability Consumer Protection

How Thales and Red Hat Protect Telcos from API Attacks

Thales Cloud Protection & Licensing

FEBRUARY 21, 2024

Over the past year, the Telecom industry has suffered some massive, high-profile data breaches — all of which happened by exploiting unprotected APIs. These include breaches on major operators such as T-Mobile. What are Telcos particularly vulnerable to API attacks?

Encryption

Encryption Mobile Government Consumer Protection

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

HIPAA also requires organizations to conduct regular risk assessments and report data breaches. Children’s Online Privacy Protection Act (COPPA) The Children’s Online Privacy Protection Act (COPPA) regulates the collection of personal information from minors to protect the privacy of children under 13.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Thales Cloud Protection & Licensing

NOVEMBER 5, 2024

Consumers are guarding their privacy more than ever. Any operational downtime or even worse data loss due to a data breach could significantly impact customer loyalty and their highly anticipated holiday season revenues. According to a recent study, the average cost of a retail data breach in 2024 is reported to be $3.48

Retail

Retail Data breaches Digital transformation Risk

Zoom Settles with FTC over Allegations of Deceptive Security Practices

Hot for Security

FEBRUARY 2, 2021

The videoconferencing giant must also obtain biennial assessments of its security program by an independent third party and notify the commission of any data breach. 290 million new users in four months. Due to the COVID-19 pandemic, Zoom’s install base has ballooned from 10 million in December 2019 to 300 million in April 2020.

Encryption

Encryption Consumer Protection Surveillance Data breaches

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Security Boulevard

NOVEMBER 5, 2024

Consumers are guarding their privacy more than ever. Any operational downtime or even worse data loss due to a data breach could significantly impact customer loyalty and their highly anticipated holiday season revenues. According to a recent study, the average cost of a retail data breach in 2024 is reported to be $3.48

Retail

Retail Data breaches Digital transformation Risk

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

“I would say that you’re talking about state data breach laws, state and federal laws against unfair and deceptive trade practices, [and] potentially HIPAA liability for health institutions that were relying on a system that was using inadequate security protocols,” Davisson continued. “If

Surveillance

Surveillance IoT Accountability Passwords

It’s a Holiday Security Breach Blowout

SiteLock

AUGUST 27, 2021

It’s a heartwarming tale of multiple mass data compromises, which affected yours truly. We’ll also discuss how major data breaches occur, and what you can do to protect yourself in the Age of the Large Data Breach. How Website Security Breaches Occur. Last week was special.

Data breaches

Data breaches Passwords Identity Theft Firewall

New Federal Privacy Law Legislation Introduced

SecureWorld News

MARCH 18, 2021

According to a statement from DelBene, 70% of Americans believe their data is less secure now than it was five years ago, and 45% say they had their personal information compromised in a data breach with limited to no accountability for those responsible.

Data privacy

Data privacy Consumer Protection Data breaches Technology

Data Privacy Week 2023: Privacy Gains Power From Other Societal Forces

Security Boulevard

JANUARY 23, 2023

As the conversation around privacy progresses beyond a focus on security infrastructure and best practices for preventing data breaches, regulations are working to catch up.

Data privacy

Data privacy Data collection Consumer Protection Authentication

CISA, SolarWinds up interest in security scoring

SC Magazine

FEBRUARY 10, 2021

They’re also using it for investigative purposes, such as if they believe there has been a data breach that could violate a state consumer protection or data or state data privacy law. They can be part of those investigations. So, they can be used in an offensive and a defensive manner.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Government

Cybersecurity Report: June 29, 2015

SiteLock

AUGUST 27, 2021

US to Raise Breach of Government Records at Talks with China. This Monday, The United States began the annual security talks with China and an official said that the US government representative would raise directly the major data breach at OPM during the discussion. Follow the SiteLock blog for the latest cybersecurity news.

Cybersecurity

Cybersecurity Surveillance Government Consumer Protection

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Thales Cloud Protection & Licensing

APRIL 29, 2024

The Thales 2024 Trust Index report indicates that 87% of consumers expect vendors to respect their digital rights, which leads to trusted relationships. However, a relentless barrage of data breaches, ransomware attacks, and sophisticated cyber threats steadily erodes this trust.

Risk

Risk Manufacturing Digital transformation Cyber threats

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Security Boulevard

APRIL 29, 2024

The Thales 2024 Trust Index report indicates that 87% of consumers expect vendors to respect their digital rights, which leads to trusted relationships. However, a relentless barrage of data breaches, ransomware attacks, and sophisticated cyber threats steadily erodes this trust.

Risk

Risk Manufacturing Digital transformation Cybersecurity

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Privacy and Cybersecurity Law

SEPTEMBER 15, 2021

The obligation to report serious incidents or malfunctions recalls the obligation to notify data breaches. Artificial intelligence not only crosses over into data protection law, but also extends to other areas of law, such as intellectual property, competition, consumer protection, and insurance, to name but a few.

Artificial Intelligence

Artificial Intelligence Consumer Protection Technology Insurance

What is Maryland’s Online Data Privacy Protection Act?

Centraleyes

APRIL 15, 2024

Genetic Information Maryland was one of a select group of states that included genetic information in their listing of personal information categories in previous Maryland consumer protection acts. HB962 expands and specifies exactly which types of genetic information are subject to breach notification requirements.

Data privacy

Data privacy Identity Theft Data breaches Data collection

How Thales and Red Hat Protect Telcos from API Attacks

Security Boulevard

FEBRUARY 21, 2024

Over the past year, the Telecom industry has suffered some massive, high-profile data breaches — all of which happened by exploiting unprotected APIs. These include breaches on major operators such as T-Mobile. What are Telcos particularly vulnerable to API attacks?

Encryption

Encryption Mobile Government Consumer Protection

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Privacy and Cybersecurity Law

MARCH 23, 2018

” A prior IBM Study on the cost of data breaches found, using a sample of 419 companies in 13 countries and regions, that 47% of data breach incidents in 2016 involved a malicious or criminal attack, 25% were due to negligent employees or contractors (i.e.,

Cybersecurity

Cybersecurity Data breaches Artificial Intelligence IoT

Utah Consumer Privacy Act (UCPA)

Centraleyes

JUNE 10, 2024

Data Handling: Assist the controller in fulfilling data protection obligations, such as data breach notifications or handling data subject requests. What rights do consumers have under the UCPA? Access: Consumers have the right to know what personal data is being collected about them.

Data collection

Data collection Data privacy Consumer Protection Data breaches

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Thus, if a business encrypts the personal information of the consumer, and that information is stolen, there will be no private right of action under the CCPA. That does not mean, however, that the business would be completely off the hook.

Government

Government Internet Internet Consumer Protection

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Thus, if a business encrypts the personal information of the consumer, and that information is stolen, there will be no private right of action under the CCPA. That does not mean, however, that the business would be completely off the hook.

Internet

Internet Internet Consumer Protection Education

New ABA Opinion – Attorneys Must Take Reasonable Cybersecurity Measures To Protect Client Data

Privacy and Cybersecurity Law

MAY 12, 2017

On May 11, 2017, the American Bar Association (ABA) issued Formal Opinion 477, making clear that a lawyer may transmit information […].

Cybersecurity

Cybersecurity Consumer Protection Data breaches

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

MAY 17, 2017

The National Institute of Standards and Technology (NIST) is holding a Cybersecurity Framework Workshop this week at its headquarters in Gaithersburg, Maryland. […].

Internet

Internet Internet IoT Cybersecurity

HHS Issues Quick Response Cyber Attack Checklist

Privacy and Cybersecurity Law

JULY 13, 2017

Last month, after the WannaCry ransomware attack infected 230,000 computers in 150 countries, the US Department of Health and Human […].

Cyber Attacks

Cyber Attacks Ransomware Consumer Protection Data breaches

IRS Warns About New Cyber Scam Targeting Taxpayers

Privacy and Cybersecurity Law

MARCH 6, 2018

Last month, the United States (US) Internal Revenue Service (IRS) issued a warning to US taxpayers that cyber criminals are increasing their […].

Scams

Scams Consumer Protection Data breaches Government

HHS Issues Quick Response Cyber Attack Checklist

Privacy and Cybersecurity Law

JULY 13, 2017

164.304.

Cyber Attacks

Cyber Attacks Cyber threats Healthcare Technology

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 6, 2018

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The term IoT generally refers to anything connected to the internet, including smart home devices (e.g., Amazon’s Alexa, NEST thermostats, etc.).

IoT

IoT Cybersecurity Manufacturing Technology

California Passes First Of Its Kind IoT Cybersecurity Law

Privacy and Cybersecurity Law

NOVEMBER 5, 2018

California recently became the first state in the union to pass a cybersecurity law addressing “smart” devices and Internet of Things (IoT) technology. The term IoT generally refers to anything connected to the internet, including smart home devices (e.g., Amazon’s Alexa, NEST thermostats, etc.).

IoT

IoT Cybersecurity Manufacturing Technology

Congressional Report on the 2017 Equifax Data Breach

Interview With Michael Bruemmer, Vice President of Experian Data Breach Resolution Group and Consumer Protection

Trending Sources

CafePress faces $500,000 fine for data breach cover up

Uber agrees to pay $148 million in massive 2016 data breach settlement

Robocall Legal Advocate Leaks Customer Data

Experian, T-Mobile Pay Up in Multimillion-Dollar Data Breach Settlements

Tips for Choosing a Pentesting Company

12 Online Resolutions for 2021

Non-Bank Financial Firms Are to Report Breaches in Less Than 30 Days

GUEST ESSAY: A primer on best practices for automating supply chain cybersecurity

Me on the Equifax Breach

New Mexico Becomes 48th State To Enact Data Breach Notification Law

Tennessee Adds New Encryption And Timing Requirements To Its Data Breach Notification Law

Security Compliance & Data Privacy Regulations

SiteLock’s Top Five Cybersecurity Predictions For 2020

Scary Fraud Ensues When ID Theft & Usury Collide

CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack

How Thales and Red Hat Protect Telcos from API Attacks

2024 Cybersecurity Laws & Regulations

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Zoom Settles with FTC over Allegations of Deceptive Security Practices

Holiday Shopping Readiness: How is Retail Data Security Holding Up?

Camera tricks: Privacy concerns raised after massive surveillance cam breach

It’s a Holiday Security Breach Blowout

New Federal Privacy Law Legislation Introduced

Data Privacy Week 2023: Privacy Gains Power From Other Societal Forces

CISA, SolarWinds up interest in security scoring

Cybersecurity Report: June 29, 2015

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

The Evolving Legislative and Compliance Landscape: A Roadmap for Business Leaders

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

What is Maryland’s Online Data Privacy Protection Act?

How Thales and Red Hat Protect Telcos from API Attacks

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Utah Consumer Privacy Act (UCPA)

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

New ABA Opinion – Attorneys Must Take Reasonable Cybersecurity Measures To Protect Client Data

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

HHS Issues Quick Response Cyber Attack Checklist

IRS Warns About New Cyber Scam Targeting Taxpayers

HHS Issues Quick Response Cyber Attack Checklist

California Passes First Of Its Kind IoT Cybersecurity Law

California Passes First Of Its Kind IoT Cybersecurity Law

Stay Connected