All Data Breaches articles

  • Cybersecurity shield

    Uber CSO ruling fallout: Individual liability extends to data breach response


    The case of the Uber chief security officer found guilty by a jury on two felonies for covering up a data breach and misleading federal regulators opens up another potential individual liability issue executives handling cyber incidents face, according to legal experts.

  • FTC seal

    FTC seeks to expand authority on data breaches, commercial surveillance


    The Federal Trade Commission is seeking comment on potential rules that would penalize companies that suffer data breaches due to lax cybersecurity protocols and punish firms that engage in abusive commercial surveillance practices.

  • SEC

    SEC proposes companies report cybersecurity incidents within four days


    Public companies would have to report material cybersecurity incidents no later than four business days after they occur if a rule proposed by the Securities and Exchange Commission takes effect.

  • T-Mobile

    CEO: T-Mobile ‘humbled’ by data breach, taking steps to prevent future attacks


    T-Mobile CEO Mike Sievert lamented the recent breach of company servers that led to a hacker stealing the personal information of nearly 55 million customers, but said the company is “fully committed to take our security efforts to the next level.”

  • prevalent feb cover img

    White paper: Achieving Compliance with TPRM Regulatory and Framework Requirements

    2020-02-25T05:37:00Z Provided by

    Measuring compliance against third-party risk management requirements is complex and time consuming; and with growing numbers of data breaches originating with third parties and all the regulatory activity that comes as a result, it never lets up.

  • conduent gdpr cover img

    e-Book: Firms face mounting pressure from GDPR

    2020-01-17T05:34:00Z Provided by

    More firms have been stymied by the General Data Protection Regulation.

  • Blog

    Senators demand data use answers from Grindr


    In response to media reports that the LGBTQ dating app Grindr shared information about users’ HIV statuses with third parties, Senators Edward J. Markey and Richard Blumenthal are demanding answers about the company’s data practices.

  • Blog

    Big banks want nationwide breach standards


    the Financial Services Roundtable, a trade group for the nation’s largest banks, is calling upon Congress to “enact a strong set of national data security standards” in efforts to better protect consumers and sensitive financial information.

  • Blog

    FSR: Congress must enact data breach legislation


    The Financial Services Roundtable is urging  Congress to enact stronger data security legislation and ensure sensitive financial information is kept safe.

  • Blog

    Bill targets credit reporting agencies for consumer data leaks


    The newly introduced Data Breach Prevention and Compensation Act is intended to hold large credit reporting agencies more accountable for data breaches. The bill would give the Federal Trade Commission greater supervisory authority over data security at CRAs.

  • Blog

    Data breaches hound SEC’s CAT plan, inspire legislation


    A massive, soon-to-launch SEC database faces renewed scrutiny and delay demands in response to a recently disclosed cyber-breach.That attack, and other breaches, are also serving as the catalyst for both new and resurrected legislation in Congress.

  • Blog

    GAO warns SEC about data protection practices


    A report by the Government Accountability Office finds that while the SEC has made strides in improving the security of its data and resolving previously identified problems, “weaknesses continue to limit the effectiveness of other security controls.” Joe Mont explores what steps the Commission should take, according to the report.

  • Article

    Enforcement Action May Be Omen of SEC’s Cyber-Security Plans


    An investment adviser firm in St. Louis has become the (painful) test subject for the SEC’s attitude on cyber-security matters. The case, observers say, is a warning that the agency is moving away from guidance and toward enforcement. So what will the SEC consider to be “reasonable” security efforts? Will ...

  • Blog

    Transforming the Cyber-Security Paradigm


    Though data breaches are inevitable, companies still remain too focused on fortification rather than response, failing to adopt to the harsh realities of rapidly emerging international and multifarious cyber-security threats. Inside, columnist John Reed Stark recommends a three-step cyber-security transformation for companies to undertake to combat recent rapidly evolving cyber-dangers.

  • Article

    Preparing Your Board for Cyber-Security Oversight


    Every board knows its company will fall victim to a cyber-attack and, worse, that the board will need to clean up the mess and superintend the fallout. This week, guest columnist John Stark, a long-time student of cyber-security risks, breaks down the fundamentals any board must establish for cyber-security, and ...

  • Blog

    Retailers Decry Prospect of Bank-Like Data Security Rules


    The National Retail Federation is asking Congress to reject any legislation that would impose data security rules designed for the banking industry upon non-bank businesses. An overly broad expansion of data security standards similar to Gramm-Leach-Bliley Act guidelines would “be a serious error,” it says.

  • Blog

    White House Unveils New Data Security Efforts


    On Monday, President Barack Obama proposed several new initiatives intended to enhance data security and combat identity theft. Among the proposals is legislation requiring companies to notify customers within 30 days when their personal information has been exposed, criminalizing the overseas trade in identities, and preventing certain uses of student ...