Blog

Privacy Compliance & Data Security Blog

Privacy compliance and electronic data security affect almost every business. Data breach prevention is essential. Fox Rothschild's Privacy Compliance & Data Security Blog will help readers navigate through the policies and best practices of data breach response. The Blog covers topics including compliance with data protection laws and regulatory enforcement and litigation as well.

Recent Blog Posts

  • Cybersecurity: New Year Brings a New Set of Concerns for In-House Counsel Last year saw multiple high-profile data breaches, enough to place cybersecurity atop any in-house attorney’s 2018 priority list. But the threat posed by hackers isn’t the only cyber concern on the minds of in-house counsel this year, reports Corporate Counsel magazine. In the regulatory realm, complying with the European Union’s General Data Protection Regulation, which takes effect in May,  is expected to be companies’ top data privacy task of 2018. But it’s not the only one. The Chinese government also plans to... More
  • Cybersecurity Trends That Will Shape Your Business in 2018 Ransomware, data breaches, and emerging artificial intelligence — these are some of the cybersecurity trends that executives expect to spill into the coming year with some newer challenges, according to eWeek. The 2017 data leaks, hacks and attacks that alarmed industries across sectors will only grow more common. Cybersecurity leaders say they expect businesses to continue to innovate practices that bolster their privacy and create consumer products that offer a more comprehensive package of protections against malware, credit theft and identity... More
  • When a Company Is Hacked, Bitcoin May Buy Silence British businesses are stockpiling Bitcoin to payoff ransomware hackers, according to a ZDNet report. Ransomware is a form of malware that can freeze a company’s data. It allows hackers to demand a payoff in cash — or Bitcoin — in return for restoring a business’s functionality. In the wake of the WannaCry hacking attacks, which crippled the UK’s National Health Service, British business leaders may prefer to pay a ransom rather than disclose data breaches and suffer through government audits, fines, customer... More
  • Bitcoin Rising: Infrastructure Vulnerabilities Raise Security Concerns The soaring value of bitcoin and other cryptocurrencies has hackers mobilizing, according to Data Breach Today. Distributed denial-of-service attacks against bitcoin exchanges are up, and hackers have compromised software tied to “bitcoin gold,” the publication reports. While it’s not surprising, given bitcoin’s meteoric rise in value, the increased activity is raising questions about the security of cryptocurrency infrastructure. “Not to perpetrate fear, uncertainty and doubt, but I was told by people I really respect in threat intelligence that there are at least four very... More
  • Phony Apps Pose Serious Personal Information Dangers When it comes to cybercrime, not even your favorite app store is safe. The International Business Times reports that fake mobile applications carried by the most popular app stores often pose phishing and malware threats. Hackers create the apps to control parts of users’ mobile phones, flood devices with spam ads and steal personal information. They’re not always easy to spot. The more sophisticated counterfeits are designed to resemble legitimate games, e-commerce portals and social media apps. A fake version of WhatsApp,... More
  • Report: Hackers Polishing Phishing Techniques To Reel In More Victims Not long ago, phishing attacks were easy to spot. They’d be rife with misspellings or link to suspicious looking login pages. That’s changing, writes internet security expert Brian Krebs. Hackers are getting more sophisticated, sending potential victims to legitimate looking web pages, sometimes hosted on the “secure” HTTPS domain. Web security firm PhishLabs recently reported that the number of phishing sites hosted on HTTPS has doubled in the past year. That means companies and individuals need to keep on their toes. Krebs’ article... More
  • Millennials’ Embrace of Newer Forms of Social Media Poses HIPAA Challenges On our HIPAA & Health Information Technology Blog, associate Ankita Patel discusses how Millennials’ embrace of newer forms of social media such as Snapchat and Instagram poses HIPAA challenges for health care organizations. “With just a few taps and swipes, an employee can post a seemingly innocuous disclosure of PHI. Interns and residents of the younger generation may innocently upload a short-term post (be it a picture for two-seconds or an eight-second long video) of a busy hospital room or even an... More
  • U.S. Government CISO: Business Leaders Need To See Cybersecurity as a Risk Management Issue Cybersecurity professionals must work diligently to help business leaders understand that their work is more than just technology implementation, says Greg Touhill, the federal government’s first Chief Information Security Officer. It’s risk management. “I keep on hearing executives talk about cybersecurity being a technology problem, and they keep pouring money into buying new stuff,” rather than focusing on risk management, Touhill said in a speech to a gathering of cybersecurity pros this week in Washington DC. Instead of buying the hottest new cybersecurity tools, companies... More
  • Nonprofits Aren’t Immune From or Prepared for Cyberattacks The Financial Times reports that many nonprofits are vulnerable to cyberattacks. Many charities simply don’t want to invest time and money defending against hackers. A 2016 study found about half of nonprofits had not conducted a cyber risk assessment, and two thirds had no plans to increase spending on data security. But hackers don’t give nonprofits a pass. The article tells the story of a small, Indianapolis, Indiana-based cancer charity that lost all its client data in a ransomware attack. “While it is not surprising that charities want to spend... More
  • Hackers Increasingly Using Weak RDP Credentials in Ransomware Attacks Industry publication Data Breach Today reports hackers are increasingly exploiting weak Remote Desktop Protocol (RDP) credentials to launch ransomware attacks. “Many enterprises use remote desktop protocol to remotely administer their PCs and mobile devices,” reports Executive Editor Mathew J. Schwartz. “But security experts warn that weak RDP credentials are in wide circulation on darknet marketplaces and increasingly used by ransomware attackers.” RDP credentials have long been used to launch distributed denial of service (DDoS) and malware attacks. Investigators recently found RDP credentials for sale for... More