On Friday, August 22 the Department of Homeland Security (“DHS”) and U.S. Secret Service released an advisory warning that a family of malware known as “Backoff” may have infiltrated the Point of Sale (“PoS”) systems of over 1,000 U.S. businesses. The malware was injected into some systems as far as back as October 2013, and DHS warns […]
Security Breach
Florida Enacts One of Nation’s Most Stringent Data Breach Notification Laws; Includes 30-Day Notice Requirement
On June 20, Florida Governor Rick Scott signed the Florida Information Protection Act of 2014, which updates Florida’s data breach notification law. The changes will take effect on July 1 of this year. Changes to the law include the addition of health insurance policy numbers, medical information, and online account information (such as security questions […]
Kim Peretti Quoted in BankInfoSecurity
Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team, was quoted in a BankInfoSecurity article titled “Target Breach: Hold Board Responsible?” The article discussed a consulting firm’s report for shareholders in regard to Target Corp. stating that the company should replace seven of the ten members of its board of directors who […]
Jim Harvey to Speak at National Association of Corporate Directors Program on Mitigating Cybersecurity Risks
Jim Harvey, co-chair of the firm’s Privacy & Data Security practice and the Security Incident Management and Response Team, will be a featured speaker during an April 16 program sponsored by the National Association of Corporate Directors (NACD) titled, “Mitigating Cyber Security Threats: How the Attackers, Their Objectives, Their Methods Keep Changing.” Cyber security threats and […]
Iowa Updates Data Breach Notification Law to Add Paper Records, AG Notice Requirement
Iowa Governor Terry Brandstad has signed Senate File 2259, an act modifying provisions applicable to personal information security breach notification requirements. Iowa’s law will now require notice of breaches of unauthorized acquisition of information that is on paper (in addition to computerized data) and to require notice to the consumer protection division of the state […]