For the past several years, thousands of businesses have been hit with phishing scams during tax season. Through these social engineering scams, hackers obtain employee Forms W-2 for filing fraudulent tax returns seeking large refunds. These phishing emails are typically sent as clients begin the process of issuing W-2s to employees.  Often employers do not

As announcements relaying the spread of Coronavirus (COVID-19) continue daily, governmental agencies at all levels are offering information and guidance, and businesses are scrambling to prepare and protect their employees and customers. As part of a larger group in my firm helping to synthesize all this information, there is an aspect of responding to

The United State Supreme Court recently denied certiorari in Nosal v. United States, 16-1344, declining to weigh in on the scope of unauthorized access under the Computer Fraud and Abuse Act (“CFAA”). The Ninth Circuit held in Nosal that David Nosal violated the CFAA by using his past assistant’s password to access his former

As reported on our Global Immigration Blog, the U.S. Citizenship and Immigration Services (USCIS) has issued a notice regarding scam email requests for I-9 information. 

According to USCIS, employers have received scam emails that appear to come from USCIS.  These scam emails come from a fraudulent email address (news@uscis.gov) and the body of

Delaware joins the growing number of states that recently amended their data breach notification law. On August 17th, Delaware amended its data breach notification law with House Bill 180, the first significant change since 2005, effective 240 days after enactment (on or about April 14, 2018). 

Delaware maintains the state law trend

Last August, we reported on a Ninth Circuit case in which a former employee was convicted of a crime under the Computer Fraud and Abuse Act (“CFAA”) for accessing and downloading information from his former company’s database “without authorization.”  The former employee has now asked that the U.S. Supreme review the Ninth Circuit’s decision.

The

Fortune.com reported that according to an International Data Corporation (IDC) forecast, by 2020, spending on security-related hardware, software, and services will eclipse $100 billion. However, consulting company NTT Com Security recently surveyed 1,000 executives and found only about half of them reported having a formal plan to respond to a data breach. Franklin wisely noted

Last month, Illinois Governor Bruce Rauner signed into law a number of amendments to the State’s Personal Information Protection Act (“PIPA”) that expand the definition of protected personal information and increase certain data breach notification requirements.  The amendments, highlighted below, take effect January 1, 2017.

Currently, “personal information” is limited to an individual’s first name

With breaches caused by payment card thieves and hackers dominating the news, it is easy for mid-sized and small companies to think that data breaches are unfortunate events that affect only large companies. Not only is this sentiment misguided, but in relative terms the information contained in exposed emails can cause far more damage to