{"id":8232,"date":"2020-07-22T15:45:23","date_gmt":"2020-07-22T19:45:23","guid":{"rendered":"http:\/\/localhost:10028\/uncategorized\/spate-of-attacks-highlights-twitters-vulnerability\/"},"modified":"2020-07-22T15:45:23","modified_gmt":"2020-07-22T19:45:23","slug":"spate-of-attacks-highlights-twitters-vulnerability","status":"publish","type":"post","link":"https:\/\/napolilaw.lemonadestand.org\/en\/article\/spate-of-attacks-highlights-twitters-vulnerability\/","title":{"rendered":"Spate of Attacks Highlights Twitter\u2019s Vulnerability"},"content":{"rendered":"<p>The largest hack in the platform\u2019s history was just the latest in a long series of incidents. What implications does this lack of security have for ordinary New Yorkers?<\/p>\n<p>Hackers recently compromised some of the platform\u2019s largest accounts and used them to promote a Bitcoin donation scam.<\/p>\n<p>Twitter is much smaller than Facebook and some other social media platforms, but it is extremely influential.<\/p>\n<p>Many accounts have millions of followers worldwide.<\/p>\n<p>So, it is a very tempting target for hackers. Some observers think that Twitter was ill-prepared to handle this latest onslaught.<\/p>\n<p>\u201cGood cybersecurity is so often getting the basics right over and over again: strong passwords, good multi-factor authentication. . .a willingness to test systems until they break to learn how to improve them, and more,\u201d commented Atlantic Counsel Cyber Statecraft Director Trey Herr.<\/p>\n<p>\u201cIt may be that Twitter <u><a href=\"https:\/\/www.cnn.com\/2020\/07\/16\/tech\/twitter-hacker-target\/index.html\" target=\"_blank\" rel=\"noopener\">has some work to do<\/a><\/u> on this basic blocking and tackling,\u201d he added. Twitter did not immediately respond to this allegation.<\/p>\n<p>In recent years, hackers have sent fraudulent tweets and the Justice Department accused Twitter employees of spying.<\/p>\n<h2>Information Security Liability<\/h2>\n<p>Huge security lapses like the latest Twitter breach normally grab the headlines.<\/p>\n<p>But most data breaches involve small companies and a few hundred accounts. The injuries these cyber victims sustain are just as bad, or even worse.<\/p>\n<p>A number of smaller hacks do not involve the internet at all.<\/p>\n<p>A number of groups, especially doctors, lawyers, accountants, and other professional organizations, have liberal BYOD (bring your own device) policies.<\/p>\n<p>Thumb drives and other such devices are quite secure, if the owners do not leave them lying around.<\/p>\n<p>Unfortunately, these small, compact drives are very easy to misplace or forget.<\/p>\n<p>On a related note, many companies encourage employees to use their laptops and work remotely. It is rather easy to hack into an open WiFi account at a coffee shop or restaurant.<\/p>\n<p>Additionally, many small companies have rather weak security safeguards. But the information they store is quite valuable.<\/p>\n<p>All these issues could lead to <u><a href=\"\/practice-areas\/complex-business-litigation\/\">legal liability for a security breach<\/a><\/u>. A negligence claim in this area has three basic prongs:<\/p>\n<ul>\n<li><strong>Nature of the Business<\/strong>: Almost all businesses store some personal information, but in many cases, this information is in unusual places. For example, a law office probably knows to protect bank account information in a payment portal, but an obscure line on a random form might be vulnerable to attack.<\/li>\n<li><strong>Preventative Measures<\/strong>: The standard of care often comes into play here. Professionals, especially financial professionals, must use the highest level of encryption available. Other businesses, like a retailer who stores nothing but sales records, might only need lesser deterrent security.<\/li>\n<li><strong>Breach Response<\/strong>: This final area is usually relevant in terms of damages. When breaches happen, many companies fail to report them or understate their extent. Such wrongful conduct arguably entitles a plaintiff to additional punitive damages.<\/li>\n<\/ul>\n<p>Many businesses have cybersecurity insurance that covers situations like these. Because this is still an emerging area, insurance companies are often slow to respond, as set out below.<\/p>\n<h2>Insurance Disputes<\/h2>\n<p>Business owners and injured people count on insurance companies to do the right thing in these situations.<\/p>\n<p>But many insurance companies readily sell cybersecurity insurance policies, although they lack the necessary infrastructure to handle these claims.<\/p>\n<p>This lack of infrastructure does not affect the insurance company\u2019s duty in these situations.<\/p>\n<p>Initially, insurance companies have a duty to promptly and thoroughly investigate claims.<\/p>\n<p>Small hacks might fly under the radar and large hacks might be overwhelming. But the insurance company\u2019s responsibility remains the same.<\/p>\n<p>Additionally, if liability is relatively clear, insurance companies have a duty to pay promptly as well.<\/p>\n<p>Although cybersecurity breaches are essentially negligence cases, many normal negligence defenses, such as contributory fault, do not apply.<\/p>\n<p>Many victims had no idea their information was stored carelessly, so they had no role in the breach whatsoever.<\/p>\n<p>And, for business owners, most of these policies are quite clear in terms of coverage parameters.<\/p>\n<p>If a lawyer must take action to enforce your rights in an insurance dispute, the insurance company must normally cover the plaintiff\u2019s attorneys\u2019 fees and legal costs.<\/p>\n<p>A cybersecurity sensitive information breach could be one of the most serious personal injury your family could sustain.<\/p>\n<p>For a free consultation with an <u><a href=\"\/contact-us\/\">experienced personal injury attorney in New York<\/a><\/u>, contact Napoli Shkolnik .<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The largest hack in the platform\u2019s history was just the latest in a long series of incidents. What implications does this lack of security have for ordinary New Yorkers? Hackers&#8230;<\/p>\n","protected":false},"author":3,"featured_media":8233,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"categories":[775],"tags":[815,820,851,878,964,1005,1006],"class_list":["post-8232","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-personal-injury","tag-general-negligence","tag-product-liability","tag-personal-injury-lawyers-near-me","tag-insurance-claims","tag-personal-injury","tag-cyber-security","tag-data-breach"],"acf":[],"page_builder_type":"gutenberg","gutenberg_data":[],"_links":{"self":[{"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/posts\/8232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/comments?post=8232"}],"version-history":[{"count":0,"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/posts\/8232\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/media\/8233"}],"wp:attachment":[{"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/media?parent=8232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/categories?post=8232"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/napolilaw.lemonadestand.org\/en\/wp-json\/wp\/v2\/tags?post=8232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}