Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Identity Theft

Subscribe to Identity Theft RSS Feed

Register for our next Wednesday Webinar — February 25

Posted in Employee Privacy, Events and Webinars, HIPAA/HITECH, Identity Theft, Mobile Privacy, Privacy Litigation, Security, Social Media

Registration is open for the next installment in the Mintz Levin Privacy & Security Group Wednesday Webinar series — This webinar,  scheduled for Wednesday, February 25,  will focus on privacy in the workplace. Our workplace is everywhere these days, which makes employment and privacy compliance even more challenging. Jen Rubin and Gauri Punjabi will discuss… Continue Reading

The Anthem Data Breach: The Fallout and What’s Next

Posted in Class Action Litigation, Cybersecurity, Data Breach, Data Breach Notification, HIPAA/HITECH, Identity Theft

By now (unless you have been under a snow drift), you have likely heard about the apparent intrusion into a database at the nation’s largest health insurer, Anthem, Inc.  Rather than reiterate the facts as currently known (see Anthem’s dedicated website for updates), we’ll look at the fallout and what’s next.

Global Internet Threat Activity

Posted in Cybersecurity, Data Breach, Data Compliance & Security, Identity Theft, Security

Often, privacy and security professionals are seen as “paranoid” or “Chicken Little” ….. statistics are pointing to something that more closely resembles the canary in the coal mine. A new Internet Security Threat Report provides an overview and analysis of the year’s global internet threat activity. The report is based on data from the Symantec™… Continue Reading

Privacy Monday: July 21, 2014

Posted in Data Breach, Data Breach Notification, Identity Theft, Privacy Monday

We are now officially in the throes of “midsummer” on this Privacy Monday.  And, on occasion in the data privacy world, we agree with Will Shakespeare’s words….“Lord, what fools these mortals be!” Flash Drives  …. Butler University has warned about 160,000 students, faculty, staff, and alumni that personal information was discovered on a flash drive… Continue Reading

October is National Cyber Security Awareness Month

Posted in Cybersecurity, Identity Theft

DID YOU KNOW? –       93 percent believe their online actions can protect not only friends and family but also help to make the Web safer for everyone around the world. –       Nearly two-thirds of the American public have heard, read or seen something about online safety and security issues recently. However, most of what the… Continue Reading

FTC Complaint: Medical Testing Lab Exposed Personal Data of Thousands Over Peer-to-Peer Network

Posted in Data Breach, Federal Trade Commission, Identity Theft

Written by Amy Malone Just before the Labor Day holiday, the Federal Trade Commission issued a press release announcing its complaint against LabMD, Inc., a company that performs medical testing for consumers around the country.  The complaint alleges that the company did not take reasonable measures to protect the security of consumers’ personal data.   The… Continue Reading

Revised FTC Guide on ‘Red Flags’ Identity Theft Rule Published

Posted in Federal Trade Commission, Identity Theft

UPDATE: The Federal Trade Commission recently issued a revised guide on the Red Flags Identity Theft Rule, designed to help businesses comply with the requirements of the Rule. Our detailed Client Alert on the Final Red Flags Rule and compliance obligations issued by the SEC and CFTC can be found here.   Compliance with the… Continue Reading

“Red Flag” Compliance Requirements Come to Investment Advisors, Broker-Dealers – UPDATE

Posted in Data Compliance & Security, Identity Theft, Privacy Regulation

  UPDATE:   We have prepared a detailed Client Alert as a guide to getting started with these new Red Flag Rules and compliance obligations.   You can read it here.   It has been several years since the Federal Trade Commission’s Red Flag Rule took effect; and the banking regulators have had the Red Flag… Continue Reading

The Tale of Two Banks: Final Settlement in Maine Bank Security Practices Case and a Failure of Bank Security Procedures in Florida

Posted in Identity Theft, Privacy Litigation

In a case that we have written about here and here, People’s United Bank of Maine has agreed to pay about $ 390,000 to settle a claim that its security practices allowed unauthorized persons to withdraw funds from a construction company’s account (Patco Construction Co. v. People’s United Bank, D. Me., No. 09-503, agreed dismissal filed 11/19/12)…. Continue Reading

Hack Attack: US Financial Institutions in the Cross-Hairs

Posted in Data Breach, Identity Theft

Written by Amy Malone Last week the FBI released a fraud alert warning financial institutions that cyber criminals have been using tactics such as spam and phishing emails to obtain employee log-in credentials.  After obtaining the credentials the hackers initiated wire transfers oversees.  A few days after the alert, Bank of America, JPMorgan Chase  and… Continue Reading

Risk assessments are critical to avoid data blackmail

Posted in Data Breach, Data Compliance & Security, Identity Theft

 The article below was posted to the Mintz Health Law & Policy Matters blog, but it contains valuable information for any business regarding steps to take to avoid data blackmail.    Check out the bullet point list below and make sure that your company secures all its sensitive data against threats, both internal and external. Written… Continue Reading

Data breaches du jour…..

Posted in Data Breach, Data Breach Notification, Identity Theft

Today’s news contains information regarding not one, but two, data breaches, compromising the personal information of a total of nearly 20,000 people. The Washington Business Journal published a report today of a breach at the Environmental Protection Agency which exposed the Social Security numbers and banking information of nearly 8,000 individuals, most current employees of… Continue Reading

Law & Order PEPU: California’s new Privacy Enforcement and Protection Unit

Posted in Data Breach, Data Compliance & Security, Identity Theft, Privacy Regulation

Written by Jake Romero In a move signaling increased enforcement of the state’s data privacy and security regulations, California’s Attorney General Kamala D. Harris has announced the creation of the Privacy Enforcement and Protection Unit.   The Privacy Unit will be staffed by California Department of Justice Employees, including six dedicated prosecutors, and will have… Continue Reading

From the Data Protection and Privacy Conference: Words of Advice from the Federal Trade Commission

Posted in Data Breach Notification, Data Compliance & Security, Federal Trade Commission, Identity Theft, Privacy Regulation

Written by Amy Malone Amy Malone is attending the Data Protection & Privacy Law Conference in Arlington, Virginia this week and will be providing updates. Kevin Moriarty from the Division of Privacy and Identity Protection of the Federal Trade Commission addressed the privacy conference on Wednesday.  His discussion focused on the current FTC policy work, including workshops… Continue Reading

Symantec: Malicious Cyber Attacks Increased by 81 Percent in 2011 and Data Breaches Up

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, Identity Theft, Security

Symantec has released its annual Internet Security Threat Report, and the numbers are astounding.  According to the report, malicious attacks on networks skyrocketed by 81 percent in 2011.    The report also highlights that advanced persistent threats, known as APT attacks, are spreading to organizations of all sizes, with the number of daily APT attacks increasing… Continue Reading

Getting ready to forward that spreadsheet to your personal email account? Think twice…..then think again…

Posted in Data Breach, HIPAA/HITECH, Identity Theft, Security

An employee — former employee — of the South Carolina Department of Health and Human Services found out the hard way after transferring the information of more than 228,000 Medicaid beneficiaries to his personal email account.     The data included Medicare numbers (which include Social Security numbers as part of the identifier) linked to the beneficiaries… Continue Reading

New Year’s Resolutions – Privacy & Security

Posted in 201 CMR 17.00, Data Breach, Data Compliance & Security, HIPAA/HITECH, Identity Theft, Privacy Regulation, Secure Traveling, Security

Since it’s traditionally the time for new beginnings and resolutions to clear away old habits, we’d like to pass on some tips for improving privacy and security in your operations — and in your own life —  in 2012. 1.   Be sure to secure. Many data breaches occur by leaving sensitive information lying around the… Continue Reading

It’s almost 2011. Do you know where your Red Flags Rule compliance program is?

Posted in Data Compliance & Security, Identity Theft

(UPDATED) Late Tuesday, the House of Representatives passed the Red Flag Program Clarification Act of 2010 on a voice vote, clearing the way for President Obama’s signature.  The Clarification Act exempts doctors, lawyers, accountants and certain other professionals from compliance with the Red Flags Rule.  As you may recall, we discussed lawsuits filed by the American… Continue Reading

Low Tech ID Theft ……

Posted in Identity Theft

As Federal Reserve Chairman Ben Bernanke and his wife recently found out, identity theft often has nothing to do with technology…. PC Mag: Fed Chairman Hit by ID Theft