Quickhits: Dog Days of Summer Edition

The heat is on as we enter the dog days of summer.  The same is true at the intersection of law, technology, privacy and security where tricky issues continue to heat up.  Things are moving so fast now it is a challenge to keep track of all the developments. Here are a few "quickhits" to help keep you up-to-date . . .

  • Another interesting online banking security breach recently occurred. This time the bad guys scored $465,000. If a lawsuit is filed this one may again test the issue of “commercially reasonable security” and the responsibility of the small business customer whose account was compromised. In this case (unlike for instance Shames-Yaekel or EMI ) a login by two separate individuals was required before a wire transfer could go out. It appears that the customer opened an unknown attachment to an email, which launched a Trojan horse that allowed the thieves to obtain the login credentials of BOTH people needed for a wire transfer. The sophistication of the attack was impressive, involving a fake email based on a real UPS delivery and the use of multiple “mule” companies (unwitting individuals trying to start a “get rich quick business from your own home”) to transfer funds to the criminals’ accounts.
  • Healthnet settled with the Connecticut AG over its security breach and alleged violations of HIPAA. The fine was $250,000, but rumors have it that Healthnet spent in the vicinity of $7 million handling the breach, providing notice and responding to the investigation.
  • Mexico’s data protection law recently went into effect. If you want to read a really bad English translation (created using Google Translate), click here (DISCLAIMER: do not rely on this translation it is full of errors, but will give an idea of what this law entails; the Mexican government will eventually release an official English translation).
  • Germany launches legal proceedings against Facebook for allegedly illegally accessing and saving personal information of people that do not use Facebook.
  • The 2010 Betterley Report on the "cyber insurance" market was recently released.  Cyber insurance is being sold by more and more insurers at all levels of the economy.  Will it become a standard purchase as information security and privacy legal risks increase?  You can read an excerpt of the report HERE.

Thanks for reading us, and enjoy your summer!