During the last Privacy Law class of the semester, we discuss Privacy and Emerging Technology. My students continue to learn about the collection, use, disclosure, and monetization of consumers’ data, and continue to be...more
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within the state of New York. The Governor has included $500 million in grant funding in her FY24...more
11/17/2023
/ Cybersecurity ,
Data Protection ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
New York ,
Patient Privacy Rights ,
PHI ,
Proposed Regulation ,
Regulatory Agenda ,
Regulatory Reform
Boeing has confirmed that its parts and distribution site has been attacked by LockBit ransomware, which is believed to be Russian based. Boeing has said that the attack has not affected flight safety. Boeing is investigating...more
On October 30, 2023, President Biden issued the “Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” (AI EO), which has specific impacts on the healthcare industry. We detailed...more
On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health...more
11/10/2023
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Information Technology ,
OCR ,
Popular ,
Ransomware ,
Settlement
Let us take time this week to thank current members of the military and all veterans for their service in protecting our country and democracy. As the daughter of a veteran, I am profoundly grateful to all of our service...more
CYBERSECURITY -
Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach -
According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
11/8/2023
/ Artificial Intelligence ,
Biden Administration ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
SolarWinds
CYBERSECURITY -
Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach -
According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
11/7/2023
/ Artificial Intelligence ,
Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Drones ,
Hackers ,
Imports ,
Popular ,
Ransomware ,
SolarWinds
We previously reported on the unfortunate data breach suffered by 23andMe last month and its implications. We never imagined how horrible it could be....more
On October 30, 2023, the Biden Administration issued its “Executive Order on the Safe, Secure, and Trustworthy Development and use of Artificial Intelligence.” The EO outlines how Artificial Intelligence (AI) “holds...more
In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this...more
11/6/2023
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Enforcement Actions ,
Failure To Disclose ,
Information Technology ,
Investment Fraud ,
Publicly-Traded Companies ,
Regulatory Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Securities Violations ,
SolarWinds
According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25, 2023, “hackers have stolen $4.4 million in cryptocurrency using private keys and...more
According to a press release, Personal Touch, a home health company located on Long Island, has reached a settlement with New York Attorney General Letitia James for $350,000 for a data breach that occurred in January of 2021...more
If you didn’t get to watch “60 Minutes” on Sunday and see the “Five Eyes” warn us all about China, put it on your list to watch soon.
The Five Eyes are the intelligence leaders of five allied countries: U.S., Canada,...more
Resilience issued its Midyear 2023 Claims Report, which is well worth the read.
In addition to commenting on the impact of the MOVEit incident, some of the key findings include...more
Credit reporting agencies TransUnion, Experian, and Equifax have extended their programs to provide consumers with the ability to access their credit reports for free on a weekly, rather than yearly, basis....more
The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515.
According to the Alert, “this critical vulnerability...more
10/23/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Ransomware ,
Vulnerability Assessments
The writers’ strike included the concern that AI would put writers out of business. According to one writer, David Vuijsje, “[T]he creative industry stands at a crossroads where technology and human creativity must learn to...more
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations....more
10/23/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
CYBERSECURITY -
Urgent Joint Cybersecurity Advisory on Atlassian Vulnerability Issued -
The Cybersecurity & Infrastructure Security Agency (CISA), FBI, and MS-ISAC recently released an urgent Joint Advisory on the...more
CYBERSECURITY -
CISA Launches Cybersecurity -
Public Awareness Campaign To kick off the twentieth annual Cybersecurity Awareness Month, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that CISA and...more
10/16/2023
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Electronic Protected Health Information (ePHI) ,
Federal Aviation Administration (FAA) ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Popular ,
Vulnerability Assessments
I was preparing to teach my next privacy law class on the subject matter of online privacy, when I discovered a good article (though in full disclosure, it is an ad) on protecting your privacy and personal information online....more
According to Bloomberg and Reuters, as reported by MSN.com, the U.S. Space Force has “paused the use of web-based generative artificial intelligence (AI) tools like ChatGPT over data security concerns.”...more
We have posted blogs before on sharing genetic information and the risk associated with the disclosure of such sensitive information.
Unfortunately, our concerns have been realized....more
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more
10/13/2023
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FBI ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Information Technology ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments