Home > Insights > Blogs > Cybersecurity Bits and Bytes > "data-breach"

Cybersecurity Bits and Bytes

Cybersecurity Bits and Bytes

(By accessing, browsing or using the pages below, you agree to the Blog Conditions of Use/Disclaimer available under "Links.")


Maintaining privilege over forensic data-breach reports

James Shreve Luke Sosnicki December 18, 2020
Illustration of files and a locked file folder

In the new reality of transparent data collection, use, and security, companies may be forced to strike a careful balance between protecting their confidential and privileged information and complying with various laws requiring them to be transparent and to keep consumers informed. READ MORE

Pennsylvania Supreme Court provides new route for data security breach plaintiffs

James Shreve Elizabeth Casale January 2, 2019
Cybersecurity locks and data

A recent decision from the Supreme Court of Pennsylvania in Dittman v. UPMC may signal a significant change in fortunes for plaintiffs in data breach cases. Anyone storing or collecting data should be aware of the potential increase in security breach litigation in an employer/employee context. READ MORE

The potential cybersecurity crisis hiding in plain sight — at home

James Shreve December 19, 2018
Worker using computer at home

As more employees work remotely from home, the risk of a cyber breach stemming from a home network is increasing. With the immense repercussions of a breach at risk, companies should augment their cyber protection and breach response plans to include protections for home networks. READ MORE

That’s all, folks! Alabama becomes 50th state with breach notification law

April 11, 2018

On March 28, 2018, Alabama Gov. Kay Ivey signed a bill that made Alabama the 50th and final state to enact a consumer data breach notification law. Prior to the signing, Alabama had been the last remaining state without such a law after South Dakota passed its data breach law last month. What do you need to know? READ MORE

South Dakota enacts its first data breach notification law, leaving Alabama the last holdout

April 2, 2018

On March 21, 2018, South Dakota’s Senate Bill 62 was signed into law, adding a 49th square to the nation’s patchwork of state data breach notification laws. South Dakota requires notification to an impacted individual – anyone whose personal information or “protected information” was accessed without authorization – within 60 days of discovery of a breach. READ MORE

Beware this years’ taxpayer refund scams and data breaches: 8 steps recommended by the IRS

March 2, 2018
auditor reviewing financial documents with magnifying glass

The IRS is warning the public about the emerging scams this tax season, which includes cyber-attacks targeting tax preparers and businesses. The statement includes the steps to take if you or your clients' tax data or financial information has been compromised. READ MORE

Recent settlements highlight plaintiff pitfalls in data breach cases

gavel with money

This settlement is a potent reminder that a data breach’s greatest financial impact on the victim entity may arise from liabilities to financial institutions — although this comes with the considerable caveat that lost sales and consumer goodwill resulting from a data breach can be more difficult to measure. READ MORE

2nd Circuit hears data breach argument: Is fear of harm sufficient for Article III standing?

Ladder-iStock-495666802 Converted

Whether or not the 2nd Circuit follows the 7th Circuit’s lead will likely have far reaching consequences for the development of Article III standing jurisprudence in data breach cases. READ MORE

New Mexico comes late to data breach party, requires promptness

March 23, 2017
data protection

One of only a few states without its own data breach notification law, New Mexico is about to join the ranks of 47 states with such laws. HB15, awaiting the governor's signature, requires an expedient 45-calendar-day notification window. READ MORE

Don’t doubt the data breach: Massive Yahoo hack reminds us it’s not if, but when

September 22, 2016
cyber hacker with computer

Yahoo’s announcement that a hacker exposed the information of over 500 million of its users is a strong reminder to all companies the importance of a breach response plan. Here we outline some tips for key elements of such a plan. READ MORE

NIST and FAIR develop tool to merge cybersecurity risk standards

August 12, 2016

A set of joint resources from NIST and FAIR can help cybersecurity professionals to both prioritize risks in their organization and allocate security resources to the most critical areas of exposure. READ MORE

Is encryption the key to your data security?

August 9, 2016

Businesses must plan for the failure of technologies like firewalls, strong passwords, anti-malware, two-factor authentication and data sandboxing. In the event that unauthorized individuals gain access to sensitive data, businesses are increasingly turning to data encryption to safeguard the data itself. READ MORE

Illinois strengthens, expands scope of personal information protections

June 1, 2016
data privacy

With the passage of the Illinois Personal Information Protection Act (HB1260) last month, Illinois substantially broadened the definition of personally identifiable information, and imposed requirements on data collectors for the protection of Illinois residents’ information. READ MORE