Consumer Protection and Data breaches - Cyber Security Informer

Interview With Michael Bruemmer, Vice President of Experian Data Breach Resolution Group and Consumer Protection

SecureBlitz

APRIL 12, 2024

In this interview, we sat down with Michael Bruemmer, Vice President of Experian Data Breach Resolution Group and Consumer Protection, to learn more about cyber threats and how primary internet users can protect themselves. Experian is the world’s leading global information services company.

Consumer Protection

Consumer Protection Data breaches Identity Theft Cyber threats

Congressional Report on the 2017 Equifax Data Breach

Schneier on Security

DECEMBER 19, 2018

Here is my testimony before before the House Subcommittee on Digital Commerce and Consumer Protection last November. It's a great piece of writing, with a detailed timeline, root cause analysis, and lessons learned. Lance Spitzner also commented on this.

Data breaches

Data breaches Consumer Protection Government Hacking

CafePress faces $500,000 fine for data breach cover up

Malwarebytes

MARCH 16, 2022

The US Federal Trade Commission (FTC) has announced that it took action against online customized merchandise platform CafePress over allegations that it failed to secure consumers’ sensitive personal data and covered up a major breach. CafePress has already settled with seven US states as a result of this data breach.

Data breaches

Data breaches Passwords Authentication Social Engineering

Experian, T-Mobile Pay Up in Multimillion-Dollar Data Breach Settlements

Dark Reading

NOVEMBER 9, 2022

Massachusetts Attorney General announced settlements across multiple states for damages from Experian's 2012 and 2015 breaches that violated consumer protection and notification laws.

Data breaches

Data breaches Consumer Protection Mobile

Non-Bank Financial Firms Are to Report Breaches in Less Than 30 Days

Heimadal Security

NOVEMBER 1, 2023

Federal Trade Commission (FTC) requires all non-banking financial institutions to report data breaches to FTC within 30 days. The amendment to the Safeguard Rule refers to security incidents that impact more than 500 people.

Banking

Banking Consumer Protection Data breaches Cybersecurity

Uber agrees to pay $148 million in massive 2016 data breach settlement

Security Affairs

SEPTEMBER 26, 2018

Uber agrees to $148 million settlement with US States and the District of Columbia over the massive 2016 data breach that exposed personal data of 57 million of its users. The hackers tried to blackmail Uber and demanded $100,000 from the company in exchange for avoiding publish the stolen data. Pierluigi Paganini.

Data breaches

Data breaches Consumer Protection Advertising Hacking

Tips for Choosing a Pentesting Company

The Hacker News

OCTOBER 31, 2022

In today's world of automated hacking systems, frequent data breaches and consumer protection regulations such as GDPR and PCI DSS, penetration testing is now an essential security requirement for organisations of all sizes. But what should you look for when choosing the right provider?

Penetration Testing

Penetration Testing Consumer Protection Data breaches Hacking

New Mexico Becomes 48th State To Enact Data Breach Notification Law

Privacy and Cybersecurity Law

MAY 2, 2017

On April 6, 2017, New Mexico became the 48th state to enact a data breach notification law, leaving Alabama and South […].

Data breaches

Data breaches Consumer Protection

Tennessee Adds New Encryption And Timing Requirements To Its Data Breach Notification Law

Privacy and Cybersecurity Law

APRIL 28, 2017

On April 4, 2017, Tennessee Governor Bill Haslam signed into law an amendment to the state’s data breach notification law, making two […].

Data breaches

Data breaches Encryption Consumer Protection Government

How Thales and Red Hat Protect Telcos from API Attacks

Thales Cloud Protection & Licensing

FEBRUARY 21, 2024

Over the past year, the Telecom industry has suffered some massive, high-profile data breaches — all of which happened by exploiting unprotected APIs. These include breaches on major operators such as T-Mobile. What are Telcos particularly vulnerable to API attacks?

Encryption

Encryption Mobile Government Consumer Protection

Data Privacy Week 2023: Privacy Gains Power From Other Societal Forces

Security Boulevard

JANUARY 23, 2023

As the conversation around privacy progresses beyond a focus on security infrastructure and best practices for preventing data breaches, regulations are working to catch up.

Data privacy

Data privacy Data collection Consumer Protection Authentication

It’s a Holiday Security Breach Blowout

SiteLock

AUGUST 27, 2021

It’s a heartwarming tale of multiple mass data compromises, which affected yours truly. We’ll also discuss how major data breaches occur, and what you can do to protect yourself in the Age of the Large Data Breach. How Website Security Breaches Occur. Last week was special.

Data breaches

Data breaches Identity Theft Passwords Firewall

SiteLock’s Top Five Cybersecurity Predictions For 2020

SiteLock

AUGUST 27, 2021

It’s safe to say that the volume and magnitude of high-profile data breaches and ransomware attacks that punctuated 2019 really kept the cybersecurity industry on its toes. Data breaches stole numerous headlines this year, including the notable Capital One breach that exposed more than 100 million customers’ accounts.

Cybersecurity

Cybersecurity Phishing Data breaches IoT

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever. Health data and patient data in the U.S. Financial Data Protection Laws. In the U.S.,

Data privacy

Data privacy Encryption Data breaches Insurance

Cybersecurity Report: June 29, 2015

SiteLock

AUGUST 27, 2021

US to Raise Breach of Government Records at Talks with China. This Monday, The United States began the annual security talks with China and an official said that the US government representative would raise directly the major data breach at OPM during the discussion. Follow the SiteLock blog for the latest cybersecurity news.

Cybersecurity

Cybersecurity Surveillance Government Consumer Protection

Zoom Settles with FTC over Allegations of Deceptive Security Practices

Hot for Security

FEBRUARY 2, 2021

The videoconferencing giant must also obtain biennial assessments of its security program by an independent third party and notify the commission of any data breach. 290 million new users in four months. Due to the COVID-19 pandemic, Zoom’s install base has ballooned from 10 million in December 2019 to 300 million in April 2020.

Encryption

Encryption Consumer Protection Surveillance Data breaches

CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack

Malwarebytes

JULY 23, 2021

Two months after fully restoring its systems, CNA Financial, the leading US insurance company that was attacked by a group using Phoenix CryptoLocker ransomware, issued a legal notice of an information security incident to the Consumer Protection Bureau in New Hampshire. Phoenix posed as a browser update.

Ransomware

Ransomware Unstructured Data Accountability Consumer Protection

How Thales and Red Hat Protect Telcos from API Attacks

Security Boulevard

FEBRUARY 21, 2024

Over the past year, the Telecom industry has suffered some massive, high-profile data breaches — all of which happened by exploiting unprotected APIs. These include breaches on major operators such as T-Mobile. What are Telcos particularly vulnerable to API attacks?

Encryption

Encryption Mobile Government Consumer Protection

Me on the Equifax Breach

Schneier on Security

NOVEMBER 8, 2017

Hearing on "Securing Consumers' Credit Data in the Age of Digital Commerce". Subcommittee on Digital Commerce and Consumer Protection. Mister Chairman and Members of the Committee, thank you for the opportunity to testify today concerning the security of credit data. Before the. Committee on Energy and Commerce.

Computers and Electronics

Computers and Electronics Identity Theft Internet Internet

New Federal Privacy Law Legislation Introduced

SecureWorld News

MARCH 18, 2021

According to a statement from DelBene, 70% of Americans believe their data is less secure now than it was five years ago, and 45% say they had their personal information compromised in a data breach with limited to no accountability for those responsible.

Data privacy

Data privacy Consumer Protection Data breaches Technology

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Privacy and Cybersecurity Law

SEPTEMBER 15, 2021

The obligation to report serious incidents or malfunctions recalls the obligation to notify data breaches. Artificial intelligence not only crosses over into data protection law, but also extends to other areas of law, such as intellectual property, competition, consumer protection, and insurance, to name but a few.

Artificial Intelligence

Artificial Intelligence Consumer Protection Technology Insurance

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

Then in mid-January, Jim heard from MSF via snail mail that they’d discovered a data breach. Jim said MSF ultimately agreed that the loan wasn’t legitimate, but they couldn’t or wouldn’t tell him how his information got pushed through to a loan — even though MSF was never able to pull his credit file.

Financial Services

Financial Services Banking Accountability Identity Theft

CISA, SolarWinds up interest in security scoring

SC Magazine

FEBRUARY 10, 2021

They’re also using it for investigative purposes, such as if they believe there has been a data breach that could violate a state consumer protection or data or state data privacy law. They can be part of those investigations. So, they can be used in an offensive and a defensive manner.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Government

GUEST ESSAY: A primer on best practices for automating supply chain cybersecurity

The Last Watchdog

OCTOBER 16, 2023

They point out how supply chains rely on software yet lack the security tools to protect them. Data breaches exposed over 37 billion records in 2020 alone — a 141% jump from 2019. Businesses must automatically secure their supply chains to protect themselves and comply with consumer-protection laws.

Cybersecurity

Cybersecurity Cyber Attacks Artificial Intelligence Data breaches

What is Maryland’s Online Data Privacy Protection Act?

Centraleyes

APRIL 15, 2024

Genetic Information Maryland was one of a select group of states that included genetic information in their listing of personal information categories in previous Maryland consumer protection acts. HB962 expands and specifies exactly which types of genetic information are subject to breach notification requirements.

Data privacy

Data privacy Identity Theft Data breaches Data collection

Robocall Legal Advocate Leaks Customer Data

Krebs on Security

AUGUST 3, 2020

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers, email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.

Mobile

Mobile Marketing Consumer Protection Wireless

12 Online Resolutions for 2021

Adam Levin

DECEMBER 16, 2020

Do your homework and find a VPN service with a solid reputation for their privacy, security, and data retention policies. Unfortunately, this means that a single poorly-secured personal device can lead to a large-scale data breach. Always check your credit for new accounts or unusual activity.

VPN

VPN Antivirus Passwords Backups

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Thus, if a business encrypts the personal information of the consumer, and that information is stolen, there will be no private right of action under the CCPA. That does not mean, however, that the business would be completely off the hook.

Government

Government Internet Internet Consumer Protection

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Thus, if a business encrypts the personal information of the consumer, and that information is stolen, there will be no private right of action under the CCPA. That does not mean, however, that the business would be completely off the hook.

Internet

Internet Internet Education Consumer Protection

IRS Warns About New Cyber Scam Targeting Taxpayers

Privacy and Cybersecurity Law

MARCH 6, 2018

Last month, the United States (US) Internal Revenue Service (IRS) issued a warning to US taxpayers that cyber criminals are increasing their […].

Scams

Scams Consumer Protection Data breaches Government

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

MAY 17, 2017

The National Institute of Standards and Technology (NIST) is holding a Cybersecurity Framework Workshop this week at its headquarters in Gaithersburg, Maryland. […].

Internet

Internet Internet Cybersecurity IoT

HHS Issues Quick Response Cyber Attack Checklist

Privacy and Cybersecurity Law

JULY 13, 2017

Last month, after the WannaCry ransomware attack infected 230,000 computers in 150 countries, the US Department of Health and Human […].

Cyber Attacks

Cyber Attacks Ransomware Consumer Protection Data breaches

New ABA Opinion – Attorneys Must Take Reasonable Cybersecurity Measures To Protect Client Data

Privacy and Cybersecurity Law

MAY 12, 2017

On May 11, 2017, the American Bar Association (ABA) issued Formal Opinion 477, making clear that a lawyer may transmit information […].

Cybersecurity

Cybersecurity Consumer Protection Data breaches

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Privacy and Cybersecurity Law

MARCH 23, 2018

On March 14, 2018, IBM Security announced the results of a new global study on organizational cybersecurity readiness and resiliency entitled “The […].

Cybersecurity

Cybersecurity Consumer Protection Data breaches

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

“I would say that you’re talking about state data breach laws, state and federal laws against unfair and deceptive trade practices, [and] potentially HIPAA liability for health institutions that were relying on a system that was using inadequate security protocols,” Davisson continued. “If

Surveillance

Surveillance IoT Accountability Passwords

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

Privacy and Cybersecurity Law

MAY 17, 2017

The National Institute of Standards and Technology (NIST) is holding a Cybersecurity Framework Workshop this week at its headquarters in Gaithersburg, Maryland. The purpose of the workshop is to discuss issues related to its widely used Cybersecurity Framework.

IoT

IoT Internet Internet Cybersecurity

US Government Accountability Office Releases New Report On The Internet of Things (IoT)

Privacy and Cybersecurity Law

MAY 19, 2017

On May 15, 2017, the US Government Accountability Office (GAO) released a new report entitled “Internet of Things: Status and implications of an […].

Internet

Internet Internet Government Accountability

FBI Warns Cyber Criminals Are Targeting Unsecured FTP Servers In The Healthcare Industry

Privacy and Cybersecurity Law

MAY 3, 2017

On March 22, 2017, the FBI issued a Private Industry Notification, warning that criminal actors are actively targeting File Transfer Protocol […].

Healthcare

Healthcare Consumer Protection Data breaches

NIST Releases Draft Guidance On Securing Wireless Infusion Pumps In The Healthcare Industry

Privacy and Cybersecurity Law

MAY 10, 2017

On May 8, 2017, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence (NCCoE), […].

Wireless

Wireless Healthcare Technology Cybersecurity

Colorado Proposes New Cybersecurity Rules For Financial Advisers

Privacy and Cybersecurity Law

APRIL 25, 2017

Earlier this month, the Colorado Division of Securities released a set of proposed changes to the Colorado securities laws that would, if […].

Cybersecurity

Cybersecurity Consumer Protection Data breaches

SEC Issues Cybersecurity Alert For Brokers And Financial Advisers

Privacy and Cybersecurity Law

MAY 18, 2017

On May 17, 2017, the US Securities and Exchange Commission (SEC), through its National Exam Program, issued a “Risk Alert” […].

Cybersecurity

Cybersecurity Risk Consumer Protection Data breaches

HHS Plans To Launch Cybersecurity Center Focused On Medical App Security

Privacy and Cybersecurity Law

MAY 10, 2017

The US Department of Health and Human Services (HHS) announced on April 20 that it plans to launch a cybersecurity initiative modeled […].

Cybersecurity

Cybersecurity Consumer Protection Data breaches Government

HHS Issues Warning About Phishing Campaign Disguised As Official Communication

Privacy and Cybersecurity Law

DECEMBER 3, 2016

As part of its efforts to assess compliance with the HIPAA Privacy, Security and Breach Notification Rules, the US Department […].

Phishing

Phishing Consumer Protection Marketing Data breaches

FTC Announces New Guidance on Ransomware

Privacy and Cybersecurity Law

NOVEMBER 23, 2016

Federal Trade Commission (FTC) released new guidance for businesses and consumers on the impact […]. On November 10, 2016, the U.S.

Ransomware

Ransomware Consumer Protection Marketing Data breaches

Interview With Michael Bruemmer, Vice President of Experian Data Breach Resolution Group and Consumer Protection

Congressional Report on the 2017 Equifax Data Breach

Trending Sources

CafePress faces $500,000 fine for data breach cover up

Experian, T-Mobile Pay Up in Multimillion-Dollar Data Breach Settlements

Non-Bank Financial Firms Are to Report Breaches in Less Than 30 Days

Uber agrees to pay $148 million in massive 2016 data breach settlement

Tips for Choosing a Pentesting Company

New Mexico Becomes 48th State To Enact Data Breach Notification Law

Tennessee Adds New Encryption And Timing Requirements To Its Data Breach Notification Law

How Thales and Red Hat Protect Telcos from API Attacks

Data Privacy Week 2023: Privacy Gains Power From Other Societal Forces

It’s a Holiday Security Breach Blowout

SiteLock’s Top Five Cybersecurity Predictions For 2020

Security Compliance & Data Privacy Regulations

Cybersecurity Report: June 29, 2015

Zoom Settles with FTC over Allegations of Deceptive Security Practices

CNA legal filings lift the curtain on a Phoenix CryptoLocker ransomware attack

How Thales and Red Hat Protect Telcos from API Attacks

Me on the Equifax Breach

New Federal Privacy Law Legislation Introduced

Stretching the boundaries through artificial intelligence: the European proposal for a dedicated regulation. The protection of personal data.

Scary Fraud Ensues When ID Theft & Usury Collide

CISA, SolarWinds up interest in security scoring

GUEST ESSAY: A primer on best practices for automating supply chain cybersecurity

What is Maryland’s Online Data Privacy Protection Act?

Robocall Legal Advocate Leaks Customer Data

12 Online Resolutions for 2021

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

IRS Warns About New Cyber Scam Targeting Taxpayers

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

HHS Issues Quick Response Cyber Attack Checklist

New ABA Opinion – Attorneys Must Take Reasonable Cybersecurity Measures To Protect Client Data

Survey Says…Cybersecurity Remains A Critical Challenge For Business

Camera tricks: Privacy concerns raised after massive surveillance cam breach

NIST Plans To Examine Internet of Things (IoT) For Its Cybersecurity Framework

US Government Accountability Office Releases New Report On The Internet of Things (IoT)

FBI Warns Cyber Criminals Are Targeting Unsecured FTP Servers In The Healthcare Industry

NIST Releases Draft Guidance On Securing Wireless Infusion Pumps In The Healthcare Industry

Colorado Proposes New Cybersecurity Rules For Financial Advisers

SEC Issues Cybersecurity Alert For Brokers And Financial Advisers

HHS Plans To Launch Cybersecurity Center Focused On Medical App Security

HHS Issues Warning About Phishing Campaign Disguised As Official Communication

FTC Announces New Guidance on Ransomware

Stay Connected