On September 30, 2014, the Governor of California signed Assembly Bill 1710, which made three small but important changes to the state’s privacy laws. The bill: (1) amended California’s breach notification law to require that the notifying entities offer identity theft protection services to affected individuals in certain cases; (2) required California businesses that “maintain” […]
Security Breach
Secret Service Estimates in Follow-Up Advisory that “Backoff” Malware Affected 1,000 U.S. Businesses
On Friday, August 22 the Department of Homeland Security (“DHS”) and U.S. Secret Service released an advisory warning that a family of malware known as “Backoff” may have infiltrated the Point of Sale (“PoS”) systems of over 1,000 U.S. businesses. The malware was injected into some systems as far as back as October 2013, and DHS warns […]
Florida Enacts One of Nation’s Most Stringent Data Breach Notification Laws; Includes 30-Day Notice Requirement
On June 20, Florida Governor Rick Scott signed the Florida Information Protection Act of 2014, which updates Florida’s data breach notification law. The changes will take effect on July 1 of this year. Changes to the law include the addition of health insurance policy numbers, medical information, and online account information (such as security questions […]
Kim Peretti Quoted in BankInfoSecurity
Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team, was quoted in a BankInfoSecurity article titled “Target Breach: Hold Board Responsible?” The article discussed a consulting firm’s report for shareholders in regard to Target Corp. stating that the company should replace seven of the ten members of its board of directors who […]
Jim Harvey to Speak at National Association of Corporate Directors Program on Mitigating Cybersecurity Risks
Jim Harvey, co-chair of the firm’s Privacy & Data Security practice and the Security Incident Management and Response Team, will be a featured speaker during an April 16 program sponsored by the National Association of Corporate Directors (NACD) titled, “Mitigating Cyber Security Threats: How the Attackers, Their Objectives, Their Methods Keep Changing.” Cyber security threats and […]