Blog Archives

Federal Agencies Announce a New 36-Hour Cybersecurity Incident Rule Reporting Requirement

On November 18, 2021, the Office of the Comptroller of the Currency (“OCC”),  the Board of Governors of the Federal Reserve System (“Board”), and the Federal Deposit Insurance Corporation (“FDIC”) (collectively, the “Agencies”) issued a new rule (the “Rule”) that

Tagged with: , , , , , , , , , ,
Posted in Data Breach, Policies and Procedures, Regulations, Standards

Statement of Work Can Make or Break Discoverability of Data Breach Report

A recent decision from a federal court in Pennsylvania highlights the importance of a carefully crafted statement of work (“SOW”) when commissioning an investigative report in response to a data security breach. A convenience store chain recently learned this lesson

Posted in Data Breach, Discovery, Litigation

Eight Best Practices for Avoiding Data Breaches

As data breaches are on the rise, the old adage rings true: it’s not a question of if, but when. More companies are experiencing crippling breaches and the statistics are alarming:  According to IBM Security’s Cost of a Data Breach

Tagged with: , , , ,
Posted in Data Breach, Data Security, Policies and Procedures, Standards

New York AG Files Lawsuit Against Dunkin’ Donuts For Attacks On Customer Accounts

On September 26, 2019, New York Attorney General Letitia James filed a lawsuit against Dunkin’ Brands, Inc., the franchisor of Dunkin’ Donuts (“Dunkin’”). The lawsuit involves security issues surrounding Dunkin’s stored value cards, which customers can use to purchase Dunkin’

Posted in Data Breach, Data Security

Year To Date Changes To State Data Breach Notification Laws

With so much attention being paid to the impending California Consumer Privacy Act, it can be easy to forget that other states have privacy and data security laws too.  And those laws change routinely, with potentially significant impacts on businesses. 

Tagged with: , ,
Posted in Data Breach, Data Security

The Value Of Quickly Disclosing A Data Breach

One of the first questions a company must answer after it discovers and remediates a data breach is, “What do we tell our customers?”  Companies may delay publicly announcing a data breach out of fear that doing so will harm

Posted in Data Breach

Anthem Agrees to Record Data Breach Settlement

In the wake of the largest U.S. health care data breach in history, Anthem, Inc., has agreed to pay $16 million to the Office for Civil Rights, which is a record settlement for alleged HIPAA violations. According to the Department

Tagged with: , , , , , ,
Posted in Cyberattack, Data Breach, Data Security, HIPAA, OCR

Cybersecurity Best Practices — How General Counsel Can Prepare For The Worst

Take note GCs: The question is not if you will have to respond to a cybersecurity incident—the question is when. That was the message from speakers and panelists at the Association of Corporate Counsel’s annual meeting this year. Indeed, the

Tagged with: , , , , , , ,
Posted in Data Breach, Data Security

Financial Services Committee Rounds Out Equifax Hearings

The House Financial Services Committee this morning rounded out a full week of congressional hearings for former Equifax CEO Richard Smith. Chairman Jeb Hensarling (R-TX) reiterated his earlier calls for national standards for data security and breach notifications. Ranking Member

Tagged with: , , , , , , ,
Posted in Cyber crimes, Cyberattack, Data Breach, Data Security, Legislation, Privacy

Equifax Hearings – Round Three

Richard Smith, former Chairman and CEO of Equifax, faced his third congressional hearing in two days, appearing this afternoon before the Senate Judiciary Committee’s Privacy, Technology, and the Law Subcommittee to discuss the recently revealed Equifax data breach and efforts

Tagged with: , , , , , , ,
Posted in Cyber crimes, Cyberattack, Data Breach, Data Security, Legislation, Privacy
About Cyber Law Monitor
In the new digital world, individuals and businesses are almost entirely dependent on computer technology and electronic communications to function on a daily basis. Although the power of modern technology is a source of opportunity and inspiration—it also poses huge challenges, from protecting privacy and securing proprietary data to adhering to fast-changing statutory and regulatory requirements. The Cyber Law Monitor blog covers privacy, data security, technology, and cyber space. It tracks major legal and policy developments and provides analysis of current events.
Subscribe For Updates

cyberlawmonitor

Cozen O’Connor Blogs