Contact

Click here for a confidential contact or call:

1-212-350-2774

Cybersecurity and Data Breaches

This archive displays posts tagged as relevant to cybersecurity and data breach issues. You may also be interested in the following pages:

Page 6 of 8

July 22, 2019

Credit reporting company Equifax has agreed to pay up to $700 million to resolve claims related to its 2017 data breach in a global settlement with the FTC, the CFPB, and 50 U.S. states and territories.  The settlement will be entered as a stipulated judgment in civil action pending against Equifax, alleging that Equifax failed to take adequate steps to secure its network and consumer data, despite being warned of network vulnerabilities, resulting in a hack that exposed the private information of almost 150 million people.  The settlement provides that defendant will pay between $300 million and $425 million to compensate affected consumers, in addition to a $100 million penalty to the CFPB and $175 million to the states.  Equifax also agreed to take specified steps to improve information security, subject to review by an independent third party.  FTC; CFPB; AG CA; AG NY; AG PA

Blowing the Whistle on Data Breaches and Cybersecurity Flaws

Posted  06/14/19
By Chris McLamb
Computer Security Profession Sitting at Her Computer Desk
With increasing dependence on technology, cybersecurity has emerged as a critical issue for customers, investors, and government regulators. Data breaches and other cybersecurity incidents can have devastating effects. In 2018, the Council of Economic Advisers estimated that malicious cyber activity cost the U.S. economy up to $109 billion dollars in 2016 alone. Typically, the public only learns of such flaws and...

Whistleblowers Needed to Stop Secret Kickbacks, Bribes, Overcharging, and False Costs in E-Rate, Lifeline, Connect America, and Rural Healthcare programs

Posted  06/7/19
Large broadband cable bales awaiting installation on rural road.
The FCC disburses billions of dollars every year for its massive Universal Service Fund (USF) and its laudable mission to promote telephone and internet access to all U.S. persons regardless of income and location. This massive pot of government money attracts a commensurate measure of opportunists seeking to defraud these well-meaning programs.

What is the Universal Service Fund?

The Universal Service Fund...

May 23, 2019

Sixteen states have reached a settlement with the Medical Informatics Engineering and NoMoreClipboard, LLC, which have agreed to pay $900,000 to resolve allegations that the companies violated the Health Insurance Portability and Accountability Act (HIPAA), unfair and deceptive practice laws, notice of data breach statutes, and state personal information protection laws. The companies provide patient portals to healthcare providers, enabling patients to access their health records. Hackers allegedly infiltrated the companies' servers in May 2015, stealing the information of more than 3.9 million individuals. A consent judgment with specific compliance agreements was also entered by the court.  FL; NC

Catch of the Week — DOJ Settles False Claims Act Case Against Cybersecurity Company

Posted  04/18/19
Hand Above Passcode Locked Phone
Last week, the Department of Justice announced that Fortinet, Inc., a Silicon Valley-based cybersecurity company, has agreed to pay more than half a million dollars to resolve allegations that it lied about its compliance with the federal Trade Agreements Act (TAA). The allegations were brought to the government’s attention through a False Claims Act lawsuit filed by a whistleblower who worked in Fortinet’s...

2018 Whistleblower of the Year Candidate – Cambridge Analytica Whistleblower Christopher Wylie

Posted  01/4/19
Christopher Wylie at outdoors protest speaking into megaphone
In 2013, American author Dave Eggers published The Circle, a novel chronicling the adventures of a technology worker at a powerful Internet company. The company collects heaps of information about its subscribers and uses it in all aspects of their lives: it finds missing persons within minutes, monitors individual medical conditions, and even tries to use data to require people to vote on Election Day. The...

Question of the Week — Should Whistleblowers Receive Rewards for Exposing Data Breaches?

Posted  10/17/18
Hardly a week goes by without more news of an actual or attempted data breach threatening consumer privacy or government security. In just this past month, Uber, Anthem and Facebook all made headlines for massive data breaches affecting millions of users and customers. In late September, Facebook notified its users of a data breach that exposed over 50 million people to hackers who could have taken over the users’...

October 16, 2018

Sudhakar Reddy Bonthu, a former manager at Equifax, was sentenced to 8 months of home confinement and fined $50,000 for insider trading related to Equifax's massive data breach in 2017. As a member of a team tasked with quickly developing an online user interface for 100 million possible victims of a data breach at an unnamed company, Bonthu quickly guessed that the company in question was the one he worked for. In violation of company policy as well as federal law, Bonthu then allegedly bought a large quantity of Equifax stock, specifically put options, which allowed him to profit if the value plummeted within a two week period. Six days later, Equifax announced the breach and its stock value plummeted, netting Bonthu more than $75,000 in fraudulently gained profits. USAO NDGA

September 27, 2018

Uber has reached a $148 million settlement in a multi-state investigation arising from a 2016 data breach, which exposed the drivers’ license data of 600,000 drivers and other personal data from as many as 57 million customers.  Uber learned of the breach when anonymous hackers demanded $100,000 to keep the breach confidential.  Uber paid the hackers, but failed to disclose the breach or notify affected parties until November 2017.  The $148 million settlement, the largest multi-state data breach settlement to date, will be divided among all 50 states and the District of Columbia. Uber also agreed to implement additional security and compliance procedures.  Among the AG announcements: CA, CT, FL, GA, IL, NJ, NY, NC, PA, VA.

September 26, 2018

Registered broker-dealer and investment advisor Voya Financial Advisors Inc. will pay $1 million to resolve SEC allegations that it failed to comply with the Safeguards Rule, Identity Theft Red Flags Rule, and related regulations in its response to a computer systems intrusion that compromised personal information of thousands of customers. SEC
1 4 5 6 7 8