You may have already had your bracket busted by now…..but you should have Mintz Levin’s Third Annual Employment Law Summit on your schedule and the panel on Cybersecurity and Employee Data Breaches may help you avoid a...more
Recently, a Google researcher discovered a serious flaw with the content delivery network (CDN) provided by CloudFlare. This vulnerability has now become known as Cloudbleed, in a nod to the earlier Heartbleed SSL...more
On Wednesday, March 8, James B. Comey, Director of the FBI, was at Boston College to deliver the keynote address for the inaugural Boston Conference on Cyber Security (BCCS 2017). Director Comey addressed various industry,...more
Last week, Snap Inc. (“Snap” or the “Company”) – the parent company of the wildly popular app Snapchat (“Snapchat” or the “App”) – became a publicly traded company on the New York Stock Exchange in the biggest tech IPO since...more
In an effort to combat the growing prevalence of large-scale corporate cyberattacks, the New York Department of Financial Services (“NYDFS”) is rolling out a revamped cybersecurity regulation for financial services companies...more
Five Things You (and Your M&A Diligence Team) Should Know -
Recently it was announced that Verizon would pay $350 million less than it had been prepared to pay previously for Yahoo as a result of data breaches that...more
It’s that taxing time of the year. Employees have received W-2 forms and the tax filing season has begun in earnest. And, as night follows day, last year’s W-2 spear-phishing scam has returned. The IRS and state tax...more
The Securities and Exchange Commission (SEC) is investigating whether Yahoo! should have reported the two massive data breaches it experienced earlier to investors, according to individuals with knowledge. The SEC will...more
With Inauguration Day upon us, it’s time for a #MLWashingtonCyberWatch update. President-elect Donald Trump has vocalized his support for the future of “cyber” throughout his campaign – but how will members of his cabinet...more
The U.S. Federal Trade Commission (“FTC”) has filed a lawsuit against device manufacturer D-link for allegedly deceiving the marketplace about the security of its products and, in turn, unfairly placing customer privacy at...more
It’s a new year, and time for the Financial Industry Regulatory Authority (FINRA)’s annual Regulatory and Examination Priorities Letter (the “2017 Letter”) We remind regulated entities of this list of examination...more
The New York State Department of Financial Services has announced — much to the relief of the multitude of financial services companies and insurers regulated by DFS — that it will revamp its recently proposed cybersecurity...more
The Obama White House has grappled with cybersecurity more than any administration in history: China’s 2009 hack of Google, the 2015 Office of Personnel Management breach, and the recent investigation of Russian cyberattacks...more
The growing scale of cybersecurity concerns is prompting action from government leadership on the federal level. Before the Thanksgiving recess, the House’s Committee on Energy and Commerce got in on the act when two of its...more
Even president-elect Donald Trump has been the victim of a data breach. Several times actually. The payment card system for his Trump Hotel Collection was infected by malware in May 2014 and 70,000 credit card numbers were...more
Over the last week, details have become available to explain how an attack against a well-known domain name service (DNS) provider occurred. What about the potential legal risks? We will attempt to provide insights into...more
Imagine you are the CEO of company sitting across from an interviewer. The interviewer asks you the age old question, “So tell me about your company’s strengths and weaknesses?” You start thinking about your competitive...more
The New York Department of Financial Services recently announced a new proposed rule, which would require financial institutions and insurers to implement strong policies for responding to cyberattacks and data breaches. ...more
Last week the clothing retailer Eddie Bauer LLC issued a press release to announce that its point of sale (“POS”) system at retail stores was compromised by malware for more than six months earlier this year. The...more
According to the FBI, “there are only two types of companies: those that have been hacked and those that will be.” It does not take an actual data breach, however, for a company to be liable for its data security practices. ...more
7/20/2016
/ Consumer Financial Protection Bureau (CFPB) ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Security ,
Dwolla ,
FinTech ,
FTC v Wyndham ,
Hackers ,
Personal Data ,
Privacy Laws
Not all the news coming out of Europe these days is about Brexit. In fact, the forces of unity and harmonization remain a top priority for European regulators hoping to combat digital security threats and create a safer and...more
7/11/2016
/ Amazon ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Digital Service Providers ,
Digital Single Market ,
eBay ,
EU ,
European Commission ,
Google ,
International Harmonization ,
Member State ,
Multinationals ,
Network and Information Security Directive ,
Operators of Essential Services
Colorado is the latest state to revisit, and expand upon, its laws pertaining to the use and protection of student data. Colorado Governor John Hickenlooper recently signed into law House Bill 16-1423 (the “Bill”) designed to...more
The Department of Homeland Security (DHS) and the Department of Justice (DOJ) have issued the long-awaited final procedures for both Federal and Non-Federal Entities under the Cybersecurity Information Sharing Act (CISA)...more
Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small. In response, many states have...more
6/15/2016
/ Breach Notification Rule ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Encryption ,
Exemptions ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Personal Data ,
Personal Information Protection Act ,
Personally Identifiable Information ,
Phishing Scams ,
PIPA ,
Safe Harbors ,
State Data Breach Notification Statutes
The Payment Card Industry Security Standards Council (PCI SSC) has released a new version of its data security standard for the protection of cardholder data, the Payment Card Industry Data Security Standard (PCI DSS). PCI...more