Oregon became the latest state to require manufacturers of internet “connected devices” that make, sell or offer to sell the devices in the state to equip the device with “reasonable security features” according to Oregon House Bill 2395 amending ORS 646.607.

According to the law, “[R]easonable security features” means methods to protect a

The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: encryption and passwords.
Continue Reading UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR

Lightspeed, a retail point-of-sale company that provides cloud-based services to 38,000 clients, has reported that its central database, which stores client information on sales, products, encrypted passwords, and in some instances, electronic signatures, has been compromised.

The system that was compromised was the one that retailers can access through tablets, smartphones, and other mobile devices.

The list of states that have passed social media legislation is getting longer. Early next week, Oklahoma will become the newest state to consider social media legislation (along with approximately 23 others) to prohibit employers from asking employees or applicants to provide them with their social media account passwords and from being forced to access

Late last week, the American Bankers Association disclosed that its computer systems had been compromised exposing thousands of members’ personal information. The hacking occurred through its website’s shopping cart tool, which is used to make purchases or to register for events. The hackers stole 6,400 usernames and passwords. The Association denies that any credit card

Joining more than 20 other states, and many of its sister states in the Northeast, Maine has passed a social media law that prohibits employers from requiring employees or applicants to provide them with their social media account information and passwords. This social media law was not passed in the traditional fashion of passage by