Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

It’s a material world—why the SEC’s Yahoo! penalty really matters

Determining whether to notify when struck by a cyberattack can be a complex undertaking, but the SEC’s recent $35 million penalty levied on Yahoo! Inc. for untimely disclosure of its breach raises the stakes for corporations. The need for a proactive, well-thought out regulatory notification strategy, and an awareness of the dangers of default non-disclosure positions, has never been...

A paradise for data privacy advocates—Bermuda’s privacy law now in full effect

With enactment of the Personal Information Protection Act (PIPA), Bermuda can now count itself among the ever-expanding list of jurisdictions with enhanced privacy protections. PIPA, passed on July 27, 2016, and entered into force in December 2017, shares many of the more stringent requirements and protections with Europe’s impending General Data Protection Regulation (GDPR), which...

Hospitals’ Response to Data Breaches May Be Impacting Patient Health

A study presented last week at the 4A Security and Compliance Conference in Philadelphia, found an increase in a common measure of mortality rates at hospitals following data breaches. However, there did not appear to be any correlation between the type of breach or the number of records affected by the breach, leading the researchers to conclude that it was the response to the breach,...

Indictment in Massive Iranian Cyberbreach Shows Companies Still Vulnerable

If general counsel fear their companies are vulnerable to cyberattacks from far afield, they have good reason. An indictment unsealed Friday details how hackers hired by the Iranian government broke into computer systems of at least 36 U.S. companies, including technology firms, banks, media companies and a law firm. Learn...

Eversheds Sutherland launches BreachLawWATCH mobile app

We are pleased to announce the release of BreachLawWATCH, a unique mobile app that provides easy, consistent access to data breach statutes across the United States and a growing number of jurisdictions, including Europe and Asia. Easy-to-use functionality enables users to find specific and relevant state and global breach notification regulations at their fingertips. Learn...

NERC and power company reach settlement on violations of cybersecurity standards

A power company has reached an agreement with the North American Electric Reliability Corporation (NERC) to pay $2.7 million for violations of a cybersecurity reliability standard. This violation resulted from the online exposure of the company’s data due to a vendor’s mishandling of the data, allowing unrestricted third-party access to 30,000 asset records. The violation posed a...

« Older Entries