data breach

Latest in data breach

Cybersecurity

Hackers Leaked Sensitive Government Data in Argentina—and Nobody Cares

On Monday, Aug. 12, hackers leaked 700 GB of data obtained from the government of Argentina, including confidential documents, wiretaps and biometric information from the Argentine Federal Police, along with the personal data of police officers. The Twitter account of the Argentine Naval Prefecture was hacked as well, and used not only to share links to the stolen information but also to spread fake news about a nonexistent British attack on Argentine ships.

Congress

A Method for Establishing Liability for Data Breaches

Last month, the First American Financial Corporation—which provides title insurance for millions of Americans—acknowledged a cybersecurity vulnerability that potentially exposed 885 million private financial records related to mortgage deals to unauthorized viewers. These records might have revealed bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images to such viewers.

Data Protection

Does Equifax Owe Victims a Duty of Care?

Last week, credit reporting outlet Equifax disclosed that they were subject to a massive hack of personally identifiable information that may have compromised the data of as many as 143 million Americans. Unlike many other high-profile data breaches, many of the individuals affected might not have ever used Equifax, viewed or consented to their data retention policies.

Data Protection

Your Voter Records Are Compromised. Can You Sue? Theories of Harm in Data-Breach Litigation

Last year, the Republican National Committee hired a firm called Deep Root Analytics to collect voter information. The firm accidentally exposed approximately 198 million personal voter records. This was 1.1 terabytes of personal information that the company left on a cloud server without password protection for two weeks.

On June 21 of this year, victims filed a class action in Florida court against Deep Root Analytics for harm resulting from a data breach.

Cybersecurity

The FTC Takes Charge -- FTC v. Wyndham

As Wells reported Monday, the Third Circuit has issued its decision in Federal Trade Commission v. Wyndham Worldwide Corp. Readers may recall the background of the case. Wyndham was hacked by a Russian criminal gang who stole a host of personally identifiable information maintained by Wyndham for its customers -- everyone, essentially, who ever stayed at the hotel chain.

Wyndham v. FTC

CA3 Endorses FTC Authority to Sue Companies for Security Breaches

Such is the gist of a three-judge panel's quite important opinion, affirming the denial of a motion to dismiss in Federal Trade Commission v. Wyndham Worldwide Corporation et al.

Query how much this precedent, regarding the government's own cyber enforcement powers, might bolster private efforts to hold the government to account for its own data security problems.

Subscribe to Lawfare

EmailRSSKindle