Patent Lawyers & Attorneys for Trademark, IP & Technology Claims in DC & Virginia : Identity Theft : Technology Law Source

Home > Identity Theft >

IMPACT: Measuring the Loss of Brand and Business Reputation after a Data Breach

Posted on November 23, 2011 by Donna Ruscitti

Brand and business reputation suffer following a data breach. A recently released survey puts some numbers to the losses and shows just how much that damage can be, with breach of customer data being the most costly. The study, independently conducted Ponemon Institute LLC and sponsored by Experian® Data Breach Resolution, is believed to be the first study to compare the impact of the loss of confidential customer or employee information and sensitive business information with loss of brand and business reputation.

Tags: Data Breach Notification, Identity Theft, brand, customer information, employer information, personal information, social security number

Porter Wright Information Privacy and Data Security Workshop Series

Posted on January 5, 2011 by Sara Smith

Please join us for this informative series focused on the technical, enforcement, and practical aspects of experiencing and responding to a data security incident. For the complete invitation and details on registration please click here.

IDENTITY THEFT, CORPORATE DATA SECURITY BREACHES AND LAW
ENFORCEMENT: SHOULD I CALL THE COPS?

Learn How to Effectively Utilize Law Enforcement and Private Security Resources to
Protect Yourself and Your Business From Computer Criminals

January 20, 2011
11:30 a.m. - 1:30 p.m. Lunch will be provided
Capital Club - 41 South High Street, 7th Floor
Columbus, Ohio

Focus issues:
Trends in Identity Theft
What Can Lead to a Data Breach
Law Enforcement
Identity Theft Investigations

Tags: Data Breach Notification, Identity Theft, Information Technology, Privacy

FBI Issues Warning Regarding Denial of Service Attacks

Posted on June 24, 2010 by Justin Root

Is your phone ringing off the hook? Then you’d better check your bank account. According to the Federal Bureau of Investigation, a new “telephone denial-of-service” attack is combining high-tech and low-tech fraud techniques to steal money from the bank accounts of unsuspecting victims.

As reported in the alert issued by the FBI, the scam begins with the suspect obtaining a victim’s personal and banking information, perhaps including bank account numbers, PINs, and passwords. Scammer can obtain a victim’s personal and banking information in a variety of ways, such as through phishing emails, social engineering tactics, or malware surreptitiously installed on a person’s computer.

Once the scammers have the victim’s personal information, they begin tying up the victim’s telephone line by using automated resources to place hundreds or thousands of calls to the victim’s telephone, not unlike a Distributed Denial of Service attack aimed at a computer network that overwhelms a computer with requests for information resulting in a slowing or failure of the network.

While the victim is busy dealing with the onslaught of telephone calls, the scammers quickly drain the victim’s bank account using the previously obtained personal and banking information to gain access to the account. If the banking institution calls its customer to verify the transactions they find the victim’s telephone line to be busy. In some cases, scammers are brazen enough to change a victim’s contact information listed with the bank. As a result, calls from a bank to verify fraudulent transactions are redirected to the scammers. According to the FBI, “[b]y the time the victim or the financial institution realize what happens, it’s too late.”

Although the FBI did not disclose how much money it believes to have been stolen in this matter, it highlighted the case of a Florida dentist who lost $400,000 from his retirement account through such a scam. Based on the Bureau’s alert, it appears that such crimes will continue to increase in frequency.

Ultimately, the telephone calls serve as a diversion to occupy the victim and a barrier to prevent a bank from verifying the authenticity of fraudulent transactions. If you believe you have been targeted in such a scam, or if you believe you have been the victim of any other online fraud, visit the Internet Crime Complaint Center for resources and guidance.

Tags: Identity Theft, Privacy

Security Breach Results in Fine Despite Prior Security Measures

Posted on April 20, 2010 by Justin Root

In January 2008, the Davidson Companies, a financial services holding company, announced that a database containing current and past customer records had been hacked during a SQL injection attack. On April 14, 2010—more than two years after the network intrusion—the Financial Industry Regulatory Authority (FINRA) fined the company $375,000 for the breach.

Tags: Data Breach Notification, Identity Theft, Privacy

Identity Theft Protection Company to Pay $12 Million to Settle FTC Claims, State AG Actions

Posted on March 22, 2010 by Robert J. Morgan

According to an FTC press release on March 3, 2010 and as reported in various media outlet reports, like this one from The New York Times, LifeLock, Inc., an identity theft protection company, has agreed to pay $11 million to the Federal Trade Commission and $1 million to a group of 35 state attorneys general to settle charges that the company used false claims to promote its identity theft protection services.

The FTC claims and state attorneys general actions appear to have been centered around LifeLock's representations that its protections against identity theft were complete, absolute, and guaranteed. FTC Chairman Jon Leibowitz noted in the FTC’s press release,

"While LifeLock promised consumers complete protection against all types of identity theft, in truth, the protection it actually provided left enough holes that you could drive a truck through it."

Tags: FTC, False Advertising, Identity Theft, Privacy

Technology Law Source
Porter Wright Morris & Arthur LLP

Cincinnati 250 East Fifth Street
Suite 2200
Cincinnati, OH 45202-5118
Phone: 513-381-4700
Toll Free: 800-582-5813
Fax: 513-421-0991

Cleveland 925 Euclid Avenue
Suite 1700
Cleveland, OH 44115-1483
Phone: 216-443-9000
Toll Free: 800-824-1980
Fax: 216-443-9011

Columbus Huntington Center
41 South High Street
Columbus, OH 43215-6194
Phone: 614-227-2000
Toll Free: 800-533-2794
Fax: 614-227-2100

Dayton One Dayton Centre
Suite 1600
One South Main Street
Dayton, OH 45402-2028
Phone: 937-449-6810
Toll Free: 800-533-4434
Fax: 937-449-6820

Naples 9132 Strada Place
Third Floor
Naples, FL 34108-2683
Phone: 239-593-2900
Toll Free: 800-876-7962
Fax: 239-593-2990

Washington, D.C. 1919 Pennsylvania Avenue
NW, Suite 500
Washington, DC 20006-3434
Phone: 202-778-3000
Toll Free: 800-456-7962
Fax: 202-778-3063

Porter Wright Morris & Arthur LLP offers this blog for general informational purposes only. The content of this blog is not intended as legal advice for any purpose, and you should not consider it as such advice or as a legal opinion on any matters. The information provided herein is subject to change without notice, and you may not rely upon any such information with regard to a particular matter or set of facts. Further, the use of the blog does not create, and is not intended to create, any attorney-client relationship between you and Porter Wright Morris & Arthur LLP or any individual lawyer in the firm. No such relationship will be considered to have been formed until we have had an opportunity to resolve any conflict of interest issues and have advised you, in writing, of the nature and scope of the legal services to be provided. Unless we establish an attorney-client relationship with you with regard to the particular matter, we will not treat any information that you may send to us, or submit as a comment to a blog article or entry, as confidential or privileged, and any unsolicited communications may be disclosed to other persons without regard to confidentiality considerations. Use of the blog is at your own risk, and the site is provided without warranty of any kind. We make no warranties of any kind regarding the accuracy or completeness of any information on this blog, and we make no representations regarding whether such information is reliable, up-to-date, or applicable to any particular situation. Porter Wright Morris & Arthur LLP expressly disclaims all liability for actions taken or not taken based on any or all of the contents of this blog, or for any damages resulting from your viewing and use of this blog.

LexBlog Lawyer Blogs and Law Firm Blog Design

Technology Law Source : Technology Lawyers & Attorneys for Patents, Trademarks & Copyright Issues in Ohio, Washington DC, Florida

Published By
Porter Wright

Mapping the evolving legal landscape

IMPACT: Measuring the Loss of Brand and Business Reputation after a Data Breach

Porter Wright Information Privacy and Data Security Workshop Series

FBI Issues Warning Regarding Denial of Service Attacks

Security Breach Results in Fine Despite Prior Security Measures

Identity Theft Protection Company to Pay $12 Million to Settle FTC Claims, State AG Actions