Pennsylvania Supreme Court: Employers have legal duty to protect employee data

(Dec 7, 2018) The Pennsylvania Supreme Court recently ruled that employers have a legal duty to protect employees’ electronically stored personal information and that failing to do so could leave them liable for damages, according to a blog post from Stradley Ronon. The report states that while the decision sends a clear message, the state recognizes the duty of the employer to safeguard employees, adding that “the extent of this duty remains unclear.” The case, Dittman v. UPMC, involved allegations that the ... Read More

Nordstrom discovers contract worker improperly handled employee data

(Nov 13, 2018) Nordstrom has notified current and former staff members of a breach after it was discovered a contract worker “improperly handled some Nordstrom employee data,” The Seattle Times reports. The retailer found names, Social Security numbers, dates of birth, checking account and routing numbers, and salaries may have been exposed in the breach. A Nordstrom spokesperson said no customer data was affected by the incident. The retailer said in a statement the contract worker no longer has access to its... Read More

Court of Appeal rules against Morrisons in data breach case

(Oct 25, 2018) The U.K. Court of Appeal upheld the High Court’s ruling against Morrisons for its 2014 data breach, BBC News reports. The appeal court determined Morrisons is liable for the breach where an employee stole the personal information of nearly 100,000 employees. Morrisons argued it could not be held liable for criminal misuse of the data. The supermarket chain added it plans to appeal the decision to the Supreme Court. "Morrisons worked to get the data taken down quickly, provide protection for thos... Read More

Pentagon hit by data breach potentially affecting 30K employees

(Oct 15, 2018) The Pentagon announced it has been hit by a data breach potentially impacting 30,000 employees, The Associated Press reports. A cyberattack on an unidentified vendor resulted in compromised personal data and credit card information of U.S. military and civilian personnel. Pentagon Spokesman Lt. Col. Joseph Buccino said the department is investigating the breach to determine who was behind the attack and whether more individuals will be affected. “The department is continuing to assess the risk o... Read More

British Columbia privacy commissioner, RCMP launching investigation into NCIX data breach

(Sep 28, 2018) The Office of the Information and Privacy Commissioner of British Columbia and the Royal Canadian Mounted Police are launching an investigation into a potential data breach involving computer retailer NCIX, CBC News reports. Systems Analyst Travis Doering was set to purchase computers formerly belonging to the bankrupt company when he was offered data from offline backup servers on millions of transactions. The data included customers’ addresses, phone numbers and credit card information, as wel... Read More

The perils of employee-collaboration tools and how to avoid them

(Sep 25, 2018) The workforce of today in America looks very different from the one that existed even 20 years ago. Perhaps not gone, but certainly altered, is the image of the harried office worker stuck in traffic, delayed by weather or family concerns, and otherwise desperate to be present in their office between 9 a.m. and 5 p.m. Today, the rise of flexible work schedules, job shares and teleworking, has created much desired flexibility for many workers. In released statistics from a few years ago, more tha... Read More

Privacy breach among reasons for professor's firing

(Sep 14, 2018) CBC News reports a breach of privacy was among the reasons why Acadia University fired a controversial professor. Rick Mehta had been accused of harassing and intimidating students and colleagues. One of the complaints against Mehta states the former professor posted a recording to a publicly available Dropbox account for one of his classes where a student discussed the instance in which she was raped. "This action further demonstrates your disregard for the privacy rights of students and sugges... Read More

New lawsuit highlights BYOD gray areas for employers

(Sep 12, 2018) The former managing director of Brevet Capital Management is suing his former employer for allegedly accessing his computer to read emails and steal data held on two personal hard drives he owned, The Wall Street Journal reports. Paul Iacovacci claims Brevet installed software allowing the firm to copy and transfer data out of the hard drives following the ex-director filing a lawsuit for wrongful termination. The ruling in the case could inform future lawsuits as bring-your-own-device policies ... Read More

University of Manitoba seeks changes to privacy laws on disclosing employee behavior

(Aug 31, 2018) Following a pair of instances of professors committing acts of sexual misconduct, University of Manitoba administrations are pushing the province to re-examine privacy laws preventing them from sharing details about the incidents, CBC News reports. Jazz Professor Steve Kirby retired from the school following the allegations against him and was eventually hired at Berklee College of Music in Boston. Kirby was then fired from the school after those who made the complaints about him informed Berkle... Read More

Staffing agency leaks employee details

(Aug 30, 2018) Staffing firm OneHalf exposed hundreds of employee records in a public GitHub according to security software vendor UpGuard, iTnews reports. A member of UpGuard’s Cyber Risk Team discovered the breach Aug. 9, and while it was reported multiple times, the database was made secure Aug. 22 without comment from OneHalf. The employee found the database had been created and left unsecured since early 2018, alleging that basic security practices went ignored. Compromised information included employee e... Read More