October 17, 2022
Cybersecurity: State Bar of Georgia Reveals New Details on Data Breach
A follow-up on the cybersecurity breach incident at the State Bar of Georgia in April 2022. Initially, it was reported that a BitLocker ransomware was involved but a representative stated that the incident did not involve any monetary demand.
The statement published last week provided a detailed explanation as to what has occurred including the investigation of a third-party cybersecurity firm, law enforcement, and state regulators. The investigation concluded that an unauthorized individual evaded security protocols that granted them access to its systems, “although we had security protocols and technology in place to help prevent unauthorized access.” The compromise included current and former employees' names, addresses, dates of birth, Social Security numbers, driver’s license numbers, direct deposit information, or name change information.
The State Bar offers all members and employees free credit monitoring and identity protection services as a result of what happened.
Regulation: New Executive Order to Implement EU-U.S. Data Privacy Framework
On October 7, 2022, U.S. President Joe Biden signed a new Executive Order that implements the EU-US Data Privacy Framework (DPF). This focuses on Enhancing Safeguards for United States Signals Intelligence Activities which refines the United States' roles in the implementation of the EU-U.S. Trans-Atlantic Data Privacy Framework.
The EO will replace the EU-US Privacy Shield which was struck down in July 2020 by the Court of Justice of the European Union (CJEU). It addresses the previous inadequacies in the self-certification scheme and strengthens the privacy and civil liberties protections for foreign individuals. It also includes a “Signals Intelligence Redress Mechanism” which includes collecting foreign intelligence from communications and information systems.
The European Commission will now review the DPF and prepare to release an adequacy decision and adoption procedure.
InfiniGlobe is a full-service consulting and software company. Our team of experts has 20+ years of industry experience working with top corporate legal departments and law firms. Contact us at email@example.com or at (833) LGL-TECH.