Tag: data breaches

Cyber Risk

Applying Discovery Rules to Cybersecurity Investigations

During discovery, corporate entities have long been asked to produce documents from related internal investigations. Most rules of civil procedure now explicitly address such scenarios and are supplemented by extensive caselaw- get help now for law assistance. As litigation in the cybersecurity field becomes more commonplace, a growing body of caselaw has developed to address investigations of cybersecurity incidents as well as a better secure web gateway going forward. In the high-profile investigation of Facebook and Cambridge Analytica by the Massachusetts attorney general, oral argument… Continue Reading
Cyber Attacks / Cyber Breach / Cyber Risk

DOJ Issues Best Practices for Cyber Incident Response

The US Department of Justice, Criminal Division, Cybersecurity Unit has issued a 15-page best practices document “to assist organizations in preparing a cyber incident response plan and…in preparing to respond to a cyber incident.”  The document explains in detail steps necessary before, during and after a cyber attack or intrusion, summarized in a “Cyber Incident Preparedness Checklist” (see below).  “Any Internet-connected organization” is advised to review and adopt these best practices in order to provide a prompt, effective response to incidents, minimize resulting harm, expedite… Continue Reading
Cyber Attacks / Cybersecurity / Insurance

Digital Cloning: Hacking Your Fingerprints

While your biometrics may be as unique as a snowflake, they can still be digitally captured, copied and used to gain access to your “secure” computer network and data storage facilities.  Using standard photos taken during a press event in October and commercially available software, a 31-year-old member of Europe’s largest association of hackers successfully re-created a digital fingerprint of German defense minister Ursula von der Leyen.  The digital print could then be used not only to fool security software, but with the increasing sophistication… Continue Reading
Cyber Attacks / Cybersecurity

Hacker Gains Control of German Steel Mill Operations

The  German Federal Office for Information Security (BSI) has issued a report revealing that a sophisticated hacker was able to take control of a steel mill’s computerized production system, forcing an unscheduled shut-down that caused “massive damage” to the physical plant. By using targeted emails, known as “spear phishing,” employees were tricked into opening messages that extracted login names and passwords and transmitted that information to the hacker without detection. The hacker, in turn, used the data to gain limited control of the… Continue Reading
Class Action / Cyber Attacks / Cybersecurity / Lawsuit

Can Companies Pre-Emptively Avoid Class Action Suits from Massive Data Breaches? (A Blog Series)

There’s a constant flow of news about massive data breaches nowadays.  So much so that the question for companies with large amounts of personal data storage is no longer “if” it can happen but “when” it will happen.  In this series, we’re going to discuss one method that larger companies are using to significantly reduce the risk exposure to massive data breaches: click-wrap terms of use that require users to waive participation in class actions and instead only pursue claims by way of arbitration or… Continue Reading
Cyber Attacks / Cybersecurity

Cy-“Burned” – The New Importance of Cyber Insurance

Data breaches that result in the unwanted dissemination of personal information are prevalent in the news of late, particularly given the rapid growth of electronically stored information and online commerce. A data breach can be very, very expensive even for the smallest of companies. This post was originally published on Professional Liability Matters. Please click here to read the rest of the article written by Seth L. Laver, Jessica L. Wuebker, and Matthew D. Cabral.… Continue Reading