After repeated requests from various states, the Department of Homeland Security informed state governments which states had their election systems hacked or otherwise compromised during the 2016 general election. According to reports, 21 states had their systems compromised in some fashion, although there is no evidence voting machines themselves were tampered with and in only some instances were computer systems actually penetrated.… More
As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax.
Privacy and data security have rocketed to the top of the list of concerns for all corporate boards. Whether you are a technology company, a biotech, or a traditional widget maker, your company has confidential information about its products, customers and employees. And that information has to be protected as a matter of law, both by statute and under contracts with your customers and suppliers.
As in-house counsel,… More
Kaspersky Lab, a Russian-owned cybersecurity company that sells anti-virus software and other kinds of IT systems security products, has been banned from use by the federal government. This latest development comes by way of the Department of Homeland Security (DHS), which issued a directive requiring agencies to (1) identify Kaspersky products they are using, (2) create plans to stop using those products, and,… More
As we previously said, the Equifax breach affects approximately 143 million Americans. While the hackers stole data that includes addresses, birth dates, full names and Social Security numbers, there are steps you can take today that will protect you from an identity theft worst-case scenario.
Assume the hackers stole your data
While no one wants to be in a situation where personal information was exposed,… More
Me and 143 million of my closest friends may have had our personal information inappropriately accessed through a breach at Equifax–is there no safe haven anywhere? Deferring that question for another day, here are the instructions from the FTC on how to check if your data is implicated. The first time I tried, I could not access the site:
I waited an hour and went back to the site. … More
This week’s issue of the New England Journal of Medicine features two interesting articles about the federal HITECH Act and its role in promoting electronic health records: The HITECH Era and the Path Forward, and The HITECH Era in Retrospect. More
As we’ve blogged in the past, the cannabis industry is particularly susceptible to cyberattacks. With threats like a federal crackdown and workplace drug testing, customers have a vested interest in keeping their information private. Unfortunately, the newly-legal cannabis industry has limited experience with data security. While traditional industries have the benefit of expertise and mature regulatory oversight to foster best cybersecurity practices,… More
A Massachusets court recently held that a defendant cannot be compelled to provide a cell phone PIN number to a cell phone that is seized in an arrest, because doing so would be self-incriminating. In Commonwealth v. Jones, the Superior Court reasoned in part that
The fact that the LG Phone was found on Mr. Jones’ person at the time of his arrest is notable and helpful to the Commonwealth,… More
As we have noted before in this space, states have begun going through the process of amending their data breach notification laws. California, for example, recently amended its data breach notification statute to expand the definition of personal information. Illinois did the same, and adjusted its safe harbor provision. And New York created first-of-its-kind financial sector cybersecurity regulations. … More