Breach Incidents

TX: Sheldon ISD notifies current and former staff and students of network breach (UPDATED)

Sheldon ISD in Houston, Texas posted a notification on July 24 concerning a cyberattack: Sheldon Independent School District (“Sheldon” or “we”) is committed to protecting the privacy and confidentiality of its students.  This commitment extends to notifying our former students if we believe the security or privacy of their information may have been compromised. ...

Morgan Stanley Hit with Class Lawsuit Over Alleged Data Breaches

Jed Horowitz reports: Former and current Morgan Stanley customers have filed a putative class-action lawsuit alleging negligence and invasion of privacy over the firm’s failure to properly scrub decommissioned hardware of personal information such as social security numbers, account numbers and other personal data. Morgan Stanley earlier this month began notifying brokers and customers that...

Why a Data Breach at a Genealogy Site Has Privacy Experts Worried

Heather Murphy reports that a data security incident involving GEDmatch has people worried. GEDmatch already had privacy advocates worried because of the data it has shared with law enforcement. Now there was a new reason for concern….. The peculiar matches began early on a Sunday morning. Across the world, genealogists found that they had...

Article: Optimizing Breach Notification

A new article is available for download on SSRN: Verstraete, Mark and Zarsky, Tal, Optimizing Breach Notification (July 14, 2020). University of Illinois Law Review, Vol. 2021, Available at SSRN: https://ssrn.com/abstract=3650724 Abstract Maintaining data security is a crucial social objective in the digital age. An emerging strategy to ensure adequate security is through breach notification...

Some Cub Pharmacies in Minnesota report breaches due to looters

Cub Pharmacies is the fourth chain I’ve seen that is reporting some theft of protected health information related to looters during protests in May.  But when you read the descriptions of these events — these not just protesters protesting. These people intentionally stole patient data and records.  For what political protest purpose?  None that...