Category Archives: Cyber-Liability

Employer Liability for Privacy Breach?

Professionals are often entrusted with confidential information. Ethical rules as well as federal and state laws limit when such information may be accessed by professionals and under what circumstances it may be disseminated. Sure, professionals may be held accountable for errors that result in the unintended disclosure of confidential or sensitive data. However, liability is not limited to the professional directly responsible for the breach; rather, employers may be on the hook too. In fact, the employer may be responsible even if the employee’s conduct was illegal or in violation of company policy.

Continue Reading....

National Cyber-Security: The President Weighs In

Data breaches and cyber-security issues are hot topics. Any company that utilizes electronic means to conduct business, obtain and store information or customer data is subject to the risk of a data breach. The effects of a breach can be devastating. We have recently blogged about practice pointers and tips for companies and boards of directors to be gleaned from high-profile breaches such as the one facing Sony. Against the backdrop, President Obama weighed-in on the significance of cyber crime.

Continue Reading....

Lessons from Sony: Cyber Attack

Sony Pictures recently became the target of a sophisticated and debilitating digital attack. The first signs of the hack appeared in late November, when an image of a skull flashed on every employee’s computer screen accompanied by a threatening message that the company’s internal data had been compromised. The company initially experienced a shutdown of many of its computers. In the following days, the hackers began to leak private company data. Five Sony films, including four unreleased projects were leaked online, along with compensation information for the top seventeen Sony executives and social security information for more than 6,000 current and former employees. In addition, countless confidential email exchanges were exposed to the public. One month on, Sony continues to suffer fallout from the attack, including the suspension of several film projects due to the inability to process payments, and a decision earlier this week to cancel the release of the upcoming comedy The Interview.

Continue Reading....

Cyber Liability in the C-Suite

Everything is electronic. Companies are increasingly reliant on electronic processes to obtain and store valuable customer data, confidential, privileged and proprietary information. With that increased reliance comes the increased risk that this information can be compromised. In light of many recent high-profile data breaches, litigation surrounding data and privacy protection is increasing. A side effect of this litigation is the attention now paid to the role of boards of directors in managing and responding to cyber liability risks. Boards concerned about potential liability of its officers and directors can look to two recent sources for guidance on this issue.

Continue Reading....

Cyber Lessons from Jennifer Lawrence

As you've no doubt heard, hackers recently accessed dozens of female celebrities’ personal cloud-based storage accounts, releasing hundreds of nude photographs and videos onto the web. Many of the photographs were taken by cell phones, which automatically backed up the files to popular cloud services, such as iCloud and Dropbox. Some suspect that the hackers then employed targeted attacks in which “brute force” programs were used to randomly guess weak passwords for a given username until it found a match. Once inside the celebrities’ cloud accounts, the hackers could access all manner of personal information. This is how many criminals operate today and all professionals should pay attention.

Continue Reading....

The Target Data Breach Litigation Begins

In November 2013, in the midst of the holiday shopping season, hackers targeted Target Corporation with one of the largest security breaches of its kind. The hackers installed malware on the company’s security and payment systems to steal credit card information. The result impacted over 100 million customers. Given the magnitude of the breach, it may be surprising to learn that Target had prepared for an attack. It invested over $1.5 million in malware detection software in 2013 alone and hired a leading security firm to monitor for suspicious activity and alert the company in the event of a breach. Obviously, that wasn’t enough, according to a wave of recent lawsuits.

Continue Reading....

Cy-“Burned” – The New Importance of Cyber Insurance

Data breaches that result in the unwanted dissemination of personal information are prevalent in the news of late, particularly given the rapid growth of electronically stored information and online commerce. A data breach can be very, very expensive even for the smallest of companies. On average, a relatively small breach that involves less than 10,000 records reportedly costs about $2.4 million in out-of-pocket expenses, $3 million in lost revenue, and no small amount of lost client confidence. Despite this risk, another recent study found that only 35% of small businesses invest in cyber insurance. This should be a major concern for all businesses and employers given that many standard policies exclude coverage for cyber losses.

Continue Reading....

Insider Trading at Law Firms? You Bet.

Law firms house a treasure trove of sensitive documents, confidential information, trade secrets and other materials of immeasurable value. Most professionals are aware of these risks and take steps to safeguard cyber and hard copy materials. Yet, the frightening ease with which materials land in the wrong hands was made public recently when a stock broker and a law firm employee were arrested on charges of fraud in connection with a $33 million insider trading scheme.

Continue Reading....

Cybercrime Strikes Target Corp

Target Corporation, the nation’s number two general retailer (after Wal-Mart), was recently the center of a cybercrime attack that may have compromised as many as 40 million credit and debit card accounts. Target revealed that a third-party had breached its security safeguards during the height of the holiday shopping season and gained access to private customer data, including shoppers’ names, credit card numbers, expiration dates, and three-digit security codes. This highly publicized debacle highlights the risks of cyber exposure.

Continue Reading....

Time to Revisit your Password

It is time to revisit your password because it may be susceptible to an easy hack. The risk of cyber loss is well documented. We’ve routinely warned of these risks previously and, no doubt, will continue to do so because cyber losses are reportedly increasing, and the cost to recover from a data breach can be staggering. All professionals maintain personally identifiable data that would be a goldmine to hackers. Most professionals - hopefully all – at the very least utilize the most fundamental type of security by storing electronic data in a password protected format. But, according to a recent survey, that password may need an update.

Continue Reading....