Data Protection Report

JUNE 14, 2022

As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. Legal Obligations. Procedural Considerations.

Privacy 52

Privacy Data breaches Compliance Financial Services 52

erwin

APRIL 11, 2019

In fact, organizations should expect increasing pressure on lawmakers to introduce new data protection regulations. A number of high-profile data breaches and scandals have increased public awareness of the issue. The Regulatory Rationale for Integrating Data Management & Data Governance. employees).

GDPR 100

GDPR e-Discovery Compliance Metadata 100

Security Affairs

APRIL 6, 2023

A digital identification tool provided by OCR Labs to major banks and government agencies leaked sensitive credentials, putting clients at severe risk. Its services are used by companies and financial institutions including BMW, Vodafone, the Australian government, Westpac, ANZ, HSBC, and Virgin Money.

IT 85

IT Financial Services Access Risk 85

Krebs on Security

JANUARY 25, 2022

Then in mid-January, Jim heard from MSF via snail mail that they’d discovered a data breach. MSF said the personal information involved in this incident may have included name, date of birth, government-issued identification numbers (e.g., 14, 2022 breach notification letter from tribal lender Mountain Summit Financial.

Financial Services 217

Financial Services IT Data breaches Authentication 217

Data Protection Report

NOVEMBER 2, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) finalized the second amendment to its cybersecurity regulations, which are available here. The rules contain the provisions we had described in the original NYDFS proposal a year ago (see our blog post here ), but include some changes.

Cybersecurity 105

Cybersecurity Compliance Financial Services Government 105

Thales Cloud Protection & Licensing

APRIL 29, 2024

However, a relentless barrage of data breaches, ransomware attacks, and sophisticated cyber threats steadily erodes this trust. This blog will briefly overview the most essential developments shaping the legislative and compliance environment. To that effect, NIST recently updated its Cybersecurity Framework (CSF) 2.0

Compliance 71

Compliance Cybersecurity Risk Manufacturing 71

IT Governance

AUGUST 26, 2021

In this blog, we look at the key issues that you will face. For example, financial services firms may be worried about employees breaching insider trading laws. Preventing data breaches. Protecting employees’ privacy.

Compliance 119

Compliance Data breaches Privacy Risk 119

Security Affairs

APRIL 20, 2023

In 2022, the ICICI Bank’s resources were named a “critical information infrastructure” by the Indian government – any harm to it can impact national security. However, despite the critical status of bank infrastructure on the national level, the security of crucial data was not ensured. million files belonging to ICICI Bank.

Personal data 96

Personal data Phishing Risk Financial Services 96

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 84

Privacy GDPR Data breaches Risk 84

Thales Cloud Protection & Licensing

DECEMBER 11, 2018

As I was starting to write this blog, yet another retail program data breach occurred, for Marriott’s Starwood loyalty program. To make a long story short – the top reason that they didn’t invest in data security was “lack of perceived need” at 52%. This had me asking a simple question – Why? Doing the math perhaps?

Retail 66

Retail Data breaches Encryption Mining 66

IT Governance

FEBRUARY 21, 2024

402,437,094 known records breached in 240 publicly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Data Protection Report

AUGUST 2, 2022

Organizations should also be aware of sector-specific statutory obligations which may apply to them, for example in health or financial services industries. In this post we discuss the operational advantages of a good privacy breach record-keeping program. Risk management and mitigation.

Compliance 137

Compliance Privacy Risk Financial Services 137

Data Matters

JANUARY 2, 2018

This past year was marked by ever more significant data breaches, growing cybersecurity regulatory requirements at the state and federal levels and continued challenges in harmonizing international privacy and cybersecurity regulations. Data breach litigation risks. We expect each of these trends to continue in 2018.

Cybersecurity 68

Cybersecurity Privacy Data breaches GDPR 68

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 52

Privacy GDPR Data breaches Risk 52

ARMA International

NOVEMBER 7, 2019

The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny.

Financial Services 52

Financial Services Communications Compliance Risk 52

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Identity Theft Prevention and Mitigation Services Act. codified at N.Y.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Thales Cloud Protection & Licensing

JULY 24, 2018

Question: Can you provide an overview of the 2018 Thales Data Threat Report, Federal Edition, and elaborate why it’s needed today more than ever? Our 2018 Thales Data Threat Report, Federal Edition , issued in conjunction with analyst firm 451 Research, polled U.S. I think it’s worth further expanding on our cloud technology findings.

Encryption 48

Encryption Cloud Data breaches Government 48

IT Governance

JULY 31, 2019

Croatian government targeted by mysterious hackers (unknown). Philadelphia Federal Credit Union confirms security breach (unknown). State-sponsored hackers breach Greece’s top-level domain registrar (unknown). University of Alabama discovers 10-year-old account breach (1,400). Data breaches.

Data breaches 111

Data breaches Ransomware Personal data Government 111

HL Chronicle of Data Protection

DECEMBER 7, 2018

Determining whether information a financial institution processes is covered by the exemption or not can be challenging and is something that financial institutions will need to analyze for their operations. The legislature also clarified that the exemption does not apply to the data breach liability provisions of the CCPA.

Privacy 40

Privacy Financial Services Compliance Data breaches 40

Data Matters

FEBRUARY 12, 2019

Establishing rules and procedures governing requests from consumers to opt-out of the sale of personal information, including through the development and use of a recognizable and uniform opt-out logo or button by all businesses to promote consumer awareness of the opportunity to opt-out. Rules for Opt-Out of Sale. What are the next steps?

Sales 74

Sales Privacy Data Privacy Compliance 74

Hunton Privacy

OCTOBER 17, 2012

The new law will apply only to data processing in the private sector as data processing by public agencies (or organizations acting on behalf of public agencies) are already subject to internal government rules. In addition, the bill does not impose a generally applicable data breach notification requirement.

Personal data 45

Personal data Financial Services Data Privacy Data breaches 45

IT Governance

MARCH 11, 2024

66,702,148 known records breached in 103 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: 6.9

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

JANUARY 16, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data is no longer publicly available. Data breached: >223,000,000 records. Data breached: >7,000,000 records. Data breached: 5,500,000 records.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: more than 59 million data records. BianLian claims to have exfiltrated 5 TB of data, comprising millions of sensitive documents. Akumin Inc.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data set is a collection of 1 billion credentials sourced from stealer logs and hosted on the illicit.services website. Data breached: 70,840,771 email addresses.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

HL Chronicle of Data Protection

SEPTEMBER 12, 2018

The CCPA’s private right of action is limited to data breach violations. provide additional CCPA analyses and reports. The original exemption did not address protected health information collected by business associates. Clarification of the scope of the private right of action.

Privacy 40

Privacy Compliance GDPR Data breaches 40

IT Governance

JULY 13, 2018

This week, we discuss operational resilience in the banking and financial market infrastructures sectors, a data breach affecting Thomas Cook subsidiaries, London’s proposed new court building and the latest development in the Facebook/Cambridge Analytica scandal. Here are this week’s stories.

Marketing 66

Marketing Business Services Data breaches Paper 66

Data Matters

NOVEMBER 22, 2021

Further, bank service providers are now required to promptly notify all affected banks whenever a cybersecurity disruption lasts for four or more hours. The rule is the latest regulation requiring entities who have suffered a cybersecurity incident to promptly notify a government agency. Background.

Cybersecurity 117

Cybersecurity Insurance Financial Services Marketing 117

Data Matters

MAY 17, 2022

It used to be that data breaches were all about cyber-crooks hacking computer systems to steal personal information, followed by an affected company sending regretful notification letters offering a year or two of complimentary credit monitoring. and foreign government agencies. All rights reserved. imposed economic sanctions.

Cybersecurity 97

Cybersecurity Government Authentication Ransomware 97

Data Matters

MARCH 21, 2022

The reporting requirements will cover multiple sectors of the economy, including chemical industry entities, commercial facilities, communications sector entities, critical manufacturing, dams, financial services entities, food and agriculture sector entities, healthcare entities, information technology, energy, and transportation.

Ransomware 97

Ransomware Cybersecurity Agriculture Communications 97

Data Matters

APRIL 23, 2018

Increasingly, thought leaders, professional organizations, and government agencies are beginning to provide answers. Creating an enterprise-wide governance structure. Creating an Enterprise-Wide Governance Structure. Aligning cyber risk with corporate strategy.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

IT Governance

APRIL 29, 2024

5,255,944,117 known records breached in 128 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance Tools for Regulatory Compliance.

Government 105

Government Data breaches Metadata GDPR 105

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance Tools for Regulatory Compliance.

Government 40

Government Data breaches Metadata GDPR 40

Data Matters

JUNE 5, 2018

Section 213 of the Act authorizes insured depository institutions and insured credit unions (and their respective affiliates) to accept, in connection with an individual consumer’s request to open an account or obtain a service, a scanned driver’s license or identification card issued by a state or local government.

Financial Services 68

Financial Services Insurance Privacy Authentication 68

IT Governance

SEPTEMBER 30, 2021

Report: Fitness Tracker Data Breach Exposed 61 Million Records and User Data Online (websiteplanet.com) (61,000,000). SANSA breach: International hacker group claims responsibility for Space Agency leak (thesouthafrican.com) (0). SC: Dorchester County Government Notice of February Security Incident (databreaches.net) (0).

Data breaches 111

Data breaches Ransomware Financial Services Privacy 111

Data Matters

APRIL 21, 2020

North Korea has been subjected to comprehensive international sanctions implemented to pressure its government to denuclearize. The Advisory’s recommendations are in accord with general cybersecurity regulations that govern financial institutions. Share technical information of the North Korean cyber threat. 510.701 (2020).

Cybersecurity 68

Cybersecurity Risk Ransomware Government 68