Episode 108 -- The Capital One Data Breach and Vendor Cybersecurity Risks
When federal agencies review bank mergers, the competition issues typically relate to the number and location of physical branches and the extent of any overlap in the areas served. By contrast, the proposed $35 billion...more
As part of Manatt’s continuing monthly coverage of the aftermath of Facebook v. Duguid and how district courts are applying it to determine whether a calling system meets the Supreme Court’s newly clarified definition of an...more
The saga of the Capital One data breach, which impacted an estimated 106 million individuals in the U.S. and Canada, may soon be coming to an end. After more than two years of litigation, the parties have reached a settlement...more
Supreme Court of Virginia Declines Certified Questions from Federal Court in In re: Capital One Consumer Data Security Breach Litigation - The lawsuit In re: Capital One Consumer Data Security Breach Litigation, has already...more
This week’s Update again features a number of stories on fintech and its emerging influence on the travel and lodging industries. Enjoy....more
In ongoing multidistrict litigation concerning Capital One’s 2019 data breach, Capital One succeeded in defeating a motion to compel disclosure of a privileged root cause analysis conducted by PwC. In contrast to an earlier...more
- In ongoing multidistrict litigation concerning Capital One’s 2019 data breach, Capital One succeeded in defeating a motion to compel disclosure of a privileged root cause analysis conducted by PwC. - In contrast to an...more
Report on Supply Chain Compliance 3, no. 16 (August 20, 2020) - The Office of the Comptroller of the Currency fined Capital One USD 80 million for inadequate data controls leading to a 2019 data breach and for failing to fix...more
Just over a year ago, on July 19, 2019, one of the largest confirmed data breaches in history was identified. The Capital One data hack exposed the personal information of more than 100 million customers and credit applicants...more
Digital transformation refers to the process of leveraging technology, people and processes to innovate or stay competitive. The main driver of this process is often data...more
As we previously reported, Capital One Financial Corporation announced in July 2019 a major data security breach when an individual gained unauthorized access to personal information about Capital One credit card customers. ...more
The U.S. Office of the Comptroller of the Currency (OCC) announced this week that it has entered into a Consent Order and fined Capital One $80 million for the data breach the company experienced last year....more
As we previously reported, the Magistrate Judge in In re: Capital One Customer Data Security Breach Litigation, found that a forensic report that Capital One had claimed was protected by the privilege and work product...more
In a recent decision, a Virginia federal magistrate judge held that the attorney work product doctrine did not protect from discovery a forensic investigation report created for Capital One in the wake of a 2019 data breach....more
A May 26, 2020 order by U.S. Magistrate Judge John F. Anderson (E.D. Va.) that attorney work product protection did not preclude production of a forensic vendor's data breach investigation report to plaintiffs in the Capital...more
The United States District Court for the Eastern District of Virginia (Court) has held that a cyber-forensic investigation report was not protected by the attorney work product doctrine and ordered Capital One to produce it...more
In the action In Re Capital One Consumer Data Security Breach Litigation, No. 19-2915 (E.D. Va.) (Capital One), a Virginia federal court determined that a forensics investigation report conducted by a third-party investigator...more
A recent order by a federal court in Virginia rejected arguments that a cybersecurity consultant’s data breach report, which had been prepared at the direction of outside legal counsel, qualified for work product protection....more
Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in...more
Capital One Required to Produce Forensic Report in Class Action - As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in...more
As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in litigation, and therefore, certain decisions are made in anticipation of...more
On May 26, 2020, in the matter In re Capital One Consumer Data Security Breach Litigation, MDL 1:19md2915 (Ed. Va.), the Federal District Court for the Eastern District of Virginia ordered Capital One to produce its...more
There were significant developments in 2019 as courts continued to issue important decisions in this space and significant legislation impacting the residential mortgage-backed securities (“RMBS”) market came into effect. A...more
Capital One suffered a serious data breach as a result of the actions of one individual who downloaded nearly 30 GB of 100 million Capital One Financial Corporation credit applications from an Amazon cloud data server. The...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more