Data Breach

FFIEC Warns of Increase in Cyber Attacks Involving Extortion, Encourages Financial Institutions to Develop Response Programs

November 10, 2015 By Privacy, Cyber & Data Strategy Team

Last week, the Federal Financial Institutions Examination Council (FFIEC) issued a joint statement warning of an “increasing frequency and severity of cyber attacks involving extortion.” The statement warned that criminals have been extorting financial institutions using a variety of tactics, including denial of service attacks, theft of sensitive information, and use of “ransomware,” which is […]

Kim Peretti to Speak at Today’s General Counsel Institute

November 4, 2015 By Cybersecurity Preparedness & Response Team

Kim Peretti, partner and co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team, will speak at “The Exchange” Data Privacy and Cybersecurity Forum in Washington, DC from November 4-5. The forum is being presented by Today’s General Counsel Institute. Kim will be presenting on the topic “Breach Response: What Do I Do Now?” The session will […]

Alston & Bird to Host Live Program and Webinar on National Security, Espionage, and Data Breaches

October 12, 2015 By Privacy, Cyber & Data Strategy Team

On October 29, Alston & Bird’s Cybersecurity Preparedness & Response Team will host a live program and webinar called National Security, Cyber Espionage and “Bulk PII” Breaches in our Washington, DC office. The program will examine the recent phenomenon of allegedly state-sponsored actors executing major cyber-attacks specifically targeting large databases of personal data for espionage […]

California Updates Data Breach Notification Statute; Provides Model Notification Form

October 9, 2015 By Privacy, Cyber & Data Strategy Team

On October 6, California Governor Jerry Brown signed into law two different updates to California’s data breach notification statute. Both updates will become effective on January 1, 2016. The first update, AB 964, defines “encrypted” for purpose of the statute to mean ”rendered unusable, unreadable, or indecipherable to an unauthorized person through a security technology […]

PCI Security Standards Council Publishes Data Breach Response Guidance

October 6, 2015 By Privacy, Cyber & Data Strategy Team

The PCI Security Standards Council (PCI-SSC) has released new guidance on its website advising merchants how to deal with a data breach. The guidance particularly details when a PCI Forensic Investigator (PFI) will be required, and provides tips on making the PFI process go smoothly. The PCI-SSC states that “preparing for the worst is the […]