CNBC surveys over 2,000 small businesses each quarter to get their thoughts on the overall business environment and their small business’ health. According to the latest CNBC/SurveyMonkey Small Business Survey, despite repeated warnings by the Cybersecurity and Infrastructure Security Agency and the FBI that U.S.-based businesses are at an increased risk of a cyber-attack following
Data Privacy + Security Insider
Blog Authors
Latest from Data Privacy + Security Insider
Data Breach Class Action Against Radiology Companies Dismissed for Lack of Standing
Last week, New York federal judge Vincent L. Bricetti dismissed a data breach class action against Northeast Radiology PC (Northeast) and Alliance HealthCare Services (Alliance) because the plaintiffs failed to allege a cognizable injury.
In July 2021, Jose Aponte II and Lisa Rosenberg filed suit alleging that Northeast and Alliance failed to protect their sensitive…
FTC Adopts Policy Statement to Increase Scrutiny for COPPA Violations
On May 19, 2022, the Federal Trade Commission (FTC) adopted the “Policy Statement on Education Technology and the Children’s Online Privacy Protection Act” (COPPA), which calls for increased scrutiny for violations of COPPA by education technology companies. The FTC said in its statement:
The [FTC] is committed to ensuring that education technology (“ed tech”) tools…
Voiceprints and Biometric Litigation
According to a report published in March 2022 by Global Market Insights Inc., the global market valuation for voice recognition technology will reach approximately $10 billion by 2028. As we know, many employers prefer and are already using (or considering) voice-powered timekeeping systems over fingerprints, and consumers are using voiceprint technology for health care apps,…
Chicago Public Schools Notifying Students and Staff of Vendor’s Ransomware Attack
The Chicago Public Schools system is in the process of notifying students, families and some current and former employees that their personal information was compromised as a result of a ransomware attack against a technology vendor, Battelle for Kids.
According to the notification letter, parents of students who attended a Chicago public school between…
Privacy Tip #333 – Chatbots Used to Steal Credentials
I am not a huge fan of using chatbots, as I never end up getting my questions fully answered. I get the efficiency of using a chatbot for simple questions, but my questions are usually not so easily resolved, so I end up completely frustrated with the process and trying to find a human being…
NIST Releases Guidance on Supply Chain Security
The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President Biden’s Executive Order 14028—Improving the Nation’s Cybersecurity.
The guidance refers to existing industry standards, tools, and recommended practices that were previously published by NIST in SP800-161 “Cybersecurity…
U.S. Agricultural Machinery Manufacturer Hit with Ransomware Attack
This week, AGCO, a U.S. agricultural machinery manufacturer, suffered a ransomware attack that affected its business operations and shut down its systems.
AGCO, headquartered in Duluth, Georgia, designs, produces, and sells tractors, combines, foragers, hay tools, self-propelled sprayers, smart farming technologies, seeding and tillage equipment. AGCO first discovered this attack through its subsidiary, Massey-Ferguson, when…
Connecticut’s Privacy Law Signed by Governor
Connecticut Governor Ned Lamont signed the Personal Data Privacy and Online Monitoring Act (CPDPA) into law on May 10, 2022, making Connecticut the most recent state to pass its own privacy law in the absence of comprehensive federal privacy legislation. Connecticut follows in the steps of Nevada, California, Virginia, Colorado and Utah in enacting its…
Privacy Tip #331 – ACLU Settles Facial Recognition Suit with Clearview AI
The American Civil Liberties Union (ACLU) filed suit against Clearview AI, Inc. (Clearview AI) in March 2020, alleging that it violated the Illinois Biometric Information Privacy Act (BIPA) by capturing and using billions of individuals’ faceprints without consent. The ACLU filed suit “on behalf of groups representing survivors of domestic violence and sexual assault, undocumented…