Almost Entire Ecuadorian Population Affected by Largest Data Breach in Country’s History
Latest Articles
Why Having a Chief Data Ethics Officer is Worth Consideration
Emerging technology has vastly outpaced corporate governance and strategy, and the use of data in the past has consistently been “grab it” and figure out a way to use it and monetize it later. Today’s consumers are becoming more educated and savvy about how companies are collecting, using and monetizing their data, and are starting to make buying decisions based on privacy considerations, and complaining to regulators and law makers about how the tech industry…
Privacy Tip #208 – Last Pass Patches Bug that Leaks Passwords
I am not a big fan of putting all of one’s passwords in one place, but many people use password managers. If you use Last Pass (see previous blog posts about Last Pass here and here), be aware that it was recently advised by a Google Project Zero researcher that there was a vulnerability that made it possible for websites to steal credentials using a Chrome or Opera extension. (Last Pass subsequently announced that…
School System Victimized by Second Ransomware Attack in Months
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to reports, the cyber criminals behind the recent ransomware attack were holding teacher lesson plans hostage. The school system shut down its computer system again and are devoting resources to combat the recent attack. Needless to say,…
Municipalities and School Systems: Educate Your Employees
The pace and number of cyber-attacks against municipalities and school systems is staggering and likes of which we have never seen. Municipalities and school systems are obvious targets for cyber criminals as it is well known that resources are scarce to implement measures to combat cyber-attacks.
Nearly all of the attacks that we’ve written about or are following are caused because an employee has clicked on a phishing email that contained malicious code known as…
Privacy Tip #207 – Digital Assets
I haven’t written about digital assets in a while [view related posts] and I was reminded of the importance of putting digital assets into your estate plan this week in a conversation with a colleague.
After my experience of serving as the executor of three estates, it became clear to me how important it is to include digital assets into an estate plan. Including these assets and the information needed by heirs and executors…
July 2019 Ranks Highest in History for Health Care Data Breaches
July 2019 was the worst month in history for health care data breaches, with a total of 50 breaches that affected more than 500 records reported to the Office for Civil Rights (OCR), according to HIPAA Journal. Those 50 reportable data breaches exposed more than 35 million individuals’ health care records.
HIPAA Journal opines that the “main reason for the increase in reported data breaches in July is the colossal data breach at American Medical…
Keep Privacy Shield Certification on the Radar Screen
After all of the GDPR compliance assessments, implementation and hullaballoo in the last year or so, many companies chose to certify that they are compliant with the EU-U.S. Privacy Shield framework rather than implementing a full-blown GDPR compliance program.
To attain Privacy Shield certification, companies must submit an application and certify that when consumer data is transferred from the EU to a U.S. company, the transfer has been done in compliance with EU law. Once…
Privacy Tip #206 – Be Mindful of Calendar Invites—They Can Contain Spam
Spam is invading all aspects of our online life, and of late, even our online calendars. I hadn’t thought about embedded malware in calendar invites until I read an informative krebsonsecurity.com blog article this week. I think this is something everyone should know about and be mindful of when receiving calendar invites.
Calendar invites are so easy and helpful in organizing our calendar, and I am always grateful when someone sends me one as it…
Colleges and Universities at Risk for Cyber-Attacks as School Year Starts
It’s a busy time for colleges and universities as the fall semester starts and campuses are bustling with activity. It’s also the perfect time for cyber criminals to create mayhem for institutions of higher education with a cyber-attack.
That is exactly what happened to Regis University in Denver, Colorado. The university had to shut down its computer system, telephone system and all email services this week because of a cyber-attack that it believes was instigated…