Latest Publications

Share:

[Webinar] Be Compromise Ready: Go Back to the Basics - May 9th, 12:00pm EDT

Cyber threats are here to stay. No company, large or small, is immune. But there are basic measures you can take to prepare for the legal and business risks associated with an attack....more

Be Compromise Ready: Go Back to the Basics

We are excited to release our third annual BakerHostetler Data Security Incident Response Report. This report analyzes the more than 450 data security incidents we led clients through in 2016. Companies continued to...more

Crowdsourcing Cybersecurity in 2017

BakerHostetler began publishing its Data Security Incident Response Report in 2015. Although we were the first law firm to do so, inspiration for the report came from similar reports that cybersecurity firms issue. We will be...more

What Can Be Learned From 2016 Security Incidents?

Cue the year-end articles saying that this was the worst year to date for data breaches. Follow that with more dire predictions for 2017. Layer in one-size-fits-all recommendations to mitigate these risks. And finish with...more

Home Depot Evades Shareholder’s Derivative Suit for 2014 Data Breach

Public companies that are proactively working to mitigate “cyber” risks and prepare to respond to potential incidents frequently ask whether a “breach” will lead to litigation, loss of customers, stock price decline, and...more

PayPal Reaches Settlement With Texas Over Venmo Privacy and Security Disclosures

Venmo is a peer-to-peer mobile payments service that PayPal acquired in 2013. Users can transfer money to another person using a mobile or web application (e.g., send money to a friend to split the cost of dinner). On May 20,...more

The CFPB Joins Privacy and Security Enforcement Arena With Action Against Dwolla

The Consumer Financial Protection Bureau (CFPB) announced on March 2, 2016, that it had entered into a consent order with online payment platform Dwolla to resolve the CFPB’s claims regarding statements made by Dwolla about...more

[Webinar] The New Class Action Risks for 2016 in Consumer Financial Services - Feb. 10th, 12:00pm, EST

Please join the BakerHostetler Class Action Defense Team's webinar on February 10, 2015, from 12:00-1:15 p.m., discussing the risks and trends expected to affect consumer financial services in 2016. The presenters will draw...more

Five Questions Clients Asked Most Often in 2015 About Incident Response

We provided incident response and incident response preparedness services to hundreds of companies in 2015. The questions we answered were as unique and varied as the incidents companies faced....more

How and Why to Pick a Forensic Firm Before the Inevitable Occurs

A forensic investigation by a security firm often does (and should) drive decision-making in response to an incident. Because the work of a security firm usually drives the critical path of a response, companies can become...more

EMV Liability Shift Update – What Liability Actually Shifts?

With the October 1, 2015 liability shift deadline looming, merchants who have not yet made the change continue to evaluate the cost of accepting EMV cards versus the liability that will shift from the issuer to the merchant...more

Explaining the Implications for Merchants of EMV and the Liability Shift

The EMV liability shift is coming. Sounds ominous, but what does it really mean? And how can retailers and merchants determine the potential impact of the shift on their business? Like many issues in the payment card...more

The BakerHostetler Data Security Incident Response Report 2015

The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 “the year of the breach.” Most incidents are described publicly with attention-grabbing terms such as...more

2015 BakerHostetler Incident Response Report Deeper Dive—Retailer Liability Arising from Stolen Payment Cards

We released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. Over the next four weeks, we...more

Cybersecurity is a Real Risk, So Become “Compromise Ready”

Many have heard that “it is not a matter of if a company will be attacked, but when.” Statements like this used to be met with skepticism – companies would say we do not have information hackers want, we outsource our...more

Dear Lawmakers, Your New Breach Notice Laws Should Address These Issues

The days of companies being so afraid of the reputational impact of a breach that they would look for any way possible to avoid disclosure are gone. The pendulum has swung in the opposite direction. Now companies, often in...more

Ruling Gives New Life to Bank Claims Against Breached Retailers in Target Case

One common occurrence after the disclosure by a retailer of a breach affecting card present payment card data used to be the filing of claims by banks that issued payment cards affected by the incident. The banks bringing the...more

FCC Plans $10 Million Cybersecurity Fine Against Two Telecoms

On October 24, 2014, the Federal Communication Commission (“FCC”) took a big step into the cybersecurity regulatory space when it announced its intent to assess a $10 million fine against two telecoms, TerraCom and YourTel...more

Why Worry About a Little Skimmer?

Merchants—rightfully so—are worried about securing their payment card environments so that their name does not appear in a headline discussing how millions of cards were stolen from them. Faced with the challenge of...more

Secret Service Raises Warning About Backoff POS Malware

The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems. The Alert...more

New Guidance for Merchants on Ensuring that Service Providers Share Security Responsibility

For merchants, long gone are the days of using a card reader with a dial-up connection to their payment processor. Today’s omni-channel retailers rely on multiple third party service providers to complete payment card...more

What’s Old is New Again—Insecure Remote Access

When a merchant is suspected of being the victim of an account data compromise event, they are often required by the card brands to hire a Payment Card Industry Forensic Investigator (PFI). The PFI provides a report on the...more

What is “Expedient” Notification of a “Data Breach?”

One of the first questions companies ask us when we are hired to help them respond to a new security incident is how fast they have to notify if the investigation shows that a “breach” occurred. Except for a couple of states...more

Visa Loses Motion to Dismiss in Genesco Case - Are the Days for PCI Assessments Numbered?

In a highly anticipated decision, a federal court in Tennessee let stand a retailer’s claims against Visa for violation of California’s Unfair Competition Law (UCL) and for common law claims for unjust enrichment and...more

APT Threat Report Shows Cybersecurity Risks Not Limited to Identity Theft

We often talk to companies who believe they are an unlikely target for hackers because they do not have financial account information, Social Security numbers, or medical information. However, personal information is not the...more

31 Results
/
View per page
Page: of 2

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.