2022, Data collection and Education - Information Management Today

FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

Hunton Privacy

NOVEMBER 2, 2022

On October 31, 2022, the Federal Trade Commission announced a proposed settlement with education technology provider Chegg in connection with the company’s alleged poor cybersecurity practices. .

Authentication

Authentication Security Encryption Data collection

New Android malicious library Goldoson found in 60 apps +100M downloads

Security Affairs

APRIL 15, 2023

The collected data is sent to the C2 server every two days, but the cycle depends on the remote configuration. The level of data collection depends on the permissions granted to the app using the malicious library. App developers should be upfront about libraries used and take precautions to protect users’ information.”

Libraries

Libraries Data collection Education Security

New York Legislature Considers New York Child Data Privacy and Protection Act

Hunton Privacy

OCTOBER 25, 2022

On September 23, 2022, New York State Senator Andrew Gounardes introduced S9563 , also known as the “New York Child Data Privacy and Protection Act.” collecting, retaining, processing or selling personal data of child users where the online product is intended primarily for educational purposes.

Data Privacy

Data Privacy Privacy Personal data Sales

Spotlight: 1950 Census Public Service Announcements

Unwritten Record

MARCH 22, 2022

On April 1, 2022, the National Archives will release the 1950 Census population schedules online. The following PSA’s were created in advance of the 1950 Census to educate the American public on the importance of the census, how the census works, and who would physically be conducting the census.

Data collection

Data collection Archiving Libraries Education

Phishers migrate to Telegram

Security Affairs

APRIL 6, 2023

User personal data for sale. Crooks offers data collected through phishing campaign to the subscribers. Data includes verified online banking credentials, in some cases phishers also provides info on the account balances. “The higher the balance, the more money scammers will typically charge for the credentials.”

Phishing

Phishing Sales Archiving Personal data

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Data Matters

MARCH 28, 2022

On March 17, 2022, the U.S. However, these changes would not address what many see as an industry gap because HIPAA only covers health data collected, used, stored, and transmitted by Covered Entities (healthcare providers, health plans, and healthcare clearinghouses) and their Business Associates.

Cybersecurity

Cybersecurity Privacy Insurance Risk

Biden AI Order Enables Agencies to Address Key Risks

Hunton Privacy

OCTOBER 31, 2023

It marks the Biden Administration’s most comprehensive action on artificial intelligence policy, building upon the Administration’s Blueprint for an AI Bill of Rights (issued in October 2022) and its announcement (in July 2023) of securing voluntary commitments from 15 leading AI companies to manage AI risks. Supporting Workers.

Risk

Risk Artificial Intelligence Privacy Military

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

Data Matters

JUNE 22, 2022

Potentially stronger trade secret protections – The law expressly allows controllers to deny requests for access or copies of personal data if doing so reveals a trade secret. Also exempt are HIPAA covered entities and business associates, nonprofits, governmental entities and institutions of higher education.

Data Privacy

Data Privacy Privacy Personal data Sales

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open-sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Phishing

Phishing Data collection Retail Security awareness

House and Senate Release a Bipartisan U.S. Federal Privacy Bill

Hunton Privacy

JUNE 15, 2022

On June 3, 2022, House Energy and Commerce Chair Rep. Roger Wicker (R-MS) released a new comprehensive federal privacy bill, the American Data Privacy and Protection Act (“ADPPA”). On June 14, 2022, the House Energy and Commerce Committee held a hearing to discuss the ADPPA. Frank Pallone (D-NJ), Ranking Member Rep.

Privacy

Privacy Marketing Data collection Access

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

This bill becomes effective January 1, 2022. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill. AB-825 : This bill amends California’s (1) data breach notification law (for both government agencies (Cal. Genetic Data: Genetic Testing Privacy Bill.

Privacy

Privacy Insurance Security Data breaches

Apply the law where breached servers are located?

Data Protection Report

JULY 8, 2022

On June 28, 2022, a federal trial court in South Carolina ruled that a group of consumers could proceed with common law negligence and gross negligence claims if they could meet the state law elements where the breached servers were located—in this case, Massachusetts. Customer Data Breach Litigation , Case No.: June 28, 2022).

Data breaches

Data breaches Ransomware Data collection Analytics

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

Data Matters

MAY 17, 2022

*Reprinted with permission from the May 6, 2022 edition of the New York Law Journal © 202X ALM Global Properties, LLC. In March 2022, the White House issued a dramatic warning based on “evolving intelligence” about potential Russian cyberattacks on the United States in response to U.S.-imposed All rights reserved. Agency (Feb.

Cybersecurity

Cybersecurity Government Authentication Ransomware

The Hacker Mind Podcast: The Internet As A Pen Test

ForAllSecure

MAY 17, 2023

My healthcare is always going to be one again, it's a vertical healthcare and education, both where you have large amounts of very sensitive information, but not necessarily the budgets to secure it effectively. We're seeing that changing some in the latter half of 2022 ransomware actually kind of appears to be flattening off.

Insurance

Insurance Privacy Ransomware GDPR

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

Source (New) Finance USA Yes 1,955,385 BerryDunn and Reliable Networks Source (New) Finance and IT services USA Yes 1,107,354 VISAV Limited Source (New) IT services UK Yes >1,000,000 Designed Receivable Solutions, Inc. Source 1 ; source 2 (Update) Finance USA Yes 498,686 J.P.

Data Privacy

Data Privacy Privacy Manufacturing Security

Information Management Today

FTC Takes Action Against Chegg for Alleged Security Failures that Exposed Data of Employees and 40 Million Consumers

New Android malicious library Goldoson found in 60 apps +100M downloads

Trending Sources

New York Legislature Considers New York Child Data Privacy and Protection Act

Spotlight: 1950 Census Public Service Announcements

Phishers migrate to Telegram

Developments in Health Privacy and Cybersecurity Policy and Regulation: OCR Issues Cybersecurity Warnings and New Health Data Legislation Is Introduced

Biden AI Order Enables Agencies to Address Key Risks

Connecticut Makes Five: The Constitution State Enacts Broad Data Privacy Law Effective July 2023

Threat Report Portugal: Q3 & Q4 2022

House and Senate Release a Bipartisan U.S. Federal Privacy Bill

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Apply the law where breached servers are located?

Nation-State-Sponsored Attacks: Not Your Grandfather’s Cyber Attacks

The Hacker Mind Podcast: The Internet As A Pen Test

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

Stay Connected