Federal prosecutors announced yesterday the indictment of five men accused of involvement in the theft of over 160 million credit card numbers. According to prosecutors, thefts by this group involved some of the largest and most notable U.S. data breaches of recent years, including Global Payments, Heartland Payment Systems, Hannaford, and NASDAQ, among others. Payment … Continue Reading
Federal prosecutors announced yesterday the arrest and indictment of five men accused of involvement in the theft of over 160 million credit card numbers. According to prosecutors, thefts by this group involved some of the largest and most notable U.S. data breaches of recent years, including Global Payments, Heartland Payment Systems, Hannaford, and NASDAQ, among … Continue Reading
On May 13, 2013, Vermont Governor Peter Shumlin signed H.513 into law. The new law includes an amendment to Vermont’s Security Breach Notice Act, 9 V.S.A. § 2435. Previously, under § 2435, Vermont-regulated financial institutions were exempt from notifying any Vermont authority in case of a security breach involving personally identifiable data. The new law … Continue Reading
Today, the Department of Health and Human Services, Office of Civil Rights (OCR), joined with the Workgroup for Electronic Data Interchange and hosted an online seminar discussing HITECH requirements in the new Final Rule. The presentations covered many points about the Final Rule previously outlined on this blog (see here, here, and here). Rachel Seeger, … Continue Reading
Earlier this month, the Massachusetts Supreme Court issued an opinion holding that zip codes “may well qualify” as personally identifiable information under the Massachusetts law controlling the treatment of PII in credit card transactions. The Massachusetts case echoes a 2011 ruling from the California Supreme Court which similarly held zip codes to be PII. Like the earlier California case, the … Continue Reading
The FTC last week announced the release of the Consumer Sentinel Network Databook for January – December 2012. The “Consumer Sentinel Network” is the FTC’s platform for law enforcement collaboration on issues affecting consumers. The program collects data from a wide range of sources, providing a comprehensive, nationwide picture of consumer complaints. Given the possible existence … Continue Reading
As reported here, the FTC earlier this month released a staff report on mobile privacy. The report, Mobile Privacy Disclosures: Building Trust Through Transparency, provides privacy practice recommendations to firms operating in the mobile app development “ecosystem.” The report’s recommendations are geared mainly toward developers and app store operators, such as Apple, Google, or Microsoft. … Continue Reading
The Federal Trade Commission has released the Consumer Sentinel Network Data Book, its annual report of complaints filed with the FTC and other state organizations. The report tracks consumer complaints by categories such as fraud, identity theft, and other. Fraud complaints span 30 different categories, including debt collection, bank/lending services, prizes/sweepstakes/lotteries, impostor scams, shop-at-home and … Continue Reading
