Data Breach

News & Analysis as of

Illinois Governor Vetoes Data Protection Bill; Suggests Revisions

Illinois Governor Bruce Rauner vetoed a bill amending the state’s data breach notification law on August 21, 2015, saying in a letter to the General Assembly that the bill “goes too far, imposing duplicative and burdensome...more

3rd Circuit Says: FTC Can Take Action Against Companies That Suffer Data Security Breaches

Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more

U.S. Appeals Court Upholds the FTC’s Authority to Police Cybersecurity Practices

In a highly anticipated and precedential opinion issued earlier this week, the Third Circuit Court of Appeals upheld the FTC’s authority to regulate corporate cybersecurity. The decision in Federal Trade Commission v Wyndham...more

Recent Appellate FTC Cybersecurity Ruling

On August 24, 2015, the United States Court of Appeals for the Third Circuit ruled that the Federal Trade Commission (hereinafter “FTC”) has the power under the FTC Act to police companies that fail to employ adequate...more

Landmarks - Summer 2015

Technologically savvy shoppers visiting brick-and-mortar retail locations are increasingly engaging in “showrooming,” a practice where consumers use the brick-and-mortar retail location to evaluate a product in person, yet...more

FTC as Data Security Cop Affirmed

The U.S. Court of Appeals for the Third Circuit this week affirmed the authority of the Federal Trade Commission (“FTC” or “Commission”) to enforce against companies that lack reasonable cybersecurity practices. Prior to...more

Third Circuit Not Hospitable to Wyndham, Upholds FTC’s Broad Powers to Regulate Cybersecurity

Over one year ago, our colleague Chris Hart argued that the District of New Jersey court’s decision in FTC v. Wyndham Worldwide Corp. et. al., No. 13-1887-ES, “point[ed] to the possibility that the FTC has potentially broad...more

The IRS Acknowledges Data Breach Worse Than Reported

On August 17, 2015, the Internal Revenue Service (“IRS”) announced that a breach of U.S. taxpayers’ personal information, first disclosed in May, was three times worse than previously thought. While initial reports indicated...more

OPM Breach Update

In response to the massive OPM data breach, the government has been searching for a vendor to provide identity protection services for the almost 22 million individuals affected. Bids were due last week, and the chosen vendor...more

IRS sued in putative class action for lax security

Following the IRS’ admission that its data breach was actually larger than it originally reported and caused fraudulent tax returns to be filed affecting over 330,000 taxpayers, the IRS was sued this week in a proposed class...more

Three more Darkode Hackers Prosecuted

We previously reported on the prosecutions of Darkode members. Three more members of the computer hacking forum Darkode have pled guilty to accessing protected computers without permission, and for violating the CANSPAM Act....more

Legal Insights on the Ashley Madison Hack: Part II

As more names emerge from the dark web data dump of Ashley Madison customers, lawyers around the globe have found a very willing group of would-be plaintiffs. Interestingly, all of these plaintiffs are named “Doe,” which must...more

Data Security Issues in the Workplace: It’s 10:00 p.m. – Do You Know Where Your Company’s Data Is?

It seems that not a day goes by without another massive data breach incident providing fodder for the morning headlines or the evening news. That should come as no surprise. According to key studies, the average company...more

The Ashley Madison Hack — Will It Cause Couples To Divorce?

Everyone is speculating that the Ashley Madison hack will mean an increase in business for divorce lawyers. This remains to be seen. However, the real question is what happens if your name appears on the list of users? And...more

Back to School – HIPAA 101

After a summer that saw major data breaches at the Office of Personnel Management and UCLA Health System, this fall is a great time to take your organization back to school on HIPAA compliance and data security. Here are...more

Appellate Court Confirms the FTC’s Power to Regulate Cybersecurity

In a highly-anticipated decision, the U.S. Court of Appeals for the Third Circuit has ruled in FTC v. Wyndham Worldwide Corporation that the Federal Trade Commission (“FTC”) is authorized to pursue lawsuits against those who...more

Third Circuit Affirms FTC Authority to Police Whether Companies Have Reasonable Data Security

Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more

DoD Addresses Cybersecurity Preparedness, Incident Reporting, and Cloud Computing Acquisitions with new DFARS interim rule

Announced and effective today, August 26, 2015, DoD has issued an interim rule that significantly expands existing DFARS provisions and clauses requiring contractors and subcontractors to report cyber incidents. The interim...more

Third Circuit to Wyndham (Part I): It's "Fair" that FTC Did Not Articulate Specific Cybersecurity Standards in Enforcement Action...

On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more

Legal Insights on the Ashley Madison Hack: Part I

Internet commenters and legal analysts alike are buzzing about the Ashley Madison hack. The website -- which billed itself as a networking site for anyone who wanted to discretely arrange an extramarital affair -- has already...more

UPDATE: Third Circuit Affirms FTC’s Data Security Authority in Wyndham

The U.S. Court of Appeals for the Third Circuit released its much-anticipated ruling in Federal Trade Commission v. Wyndham Worldwide Corp. on August 24, 2015, unanimously upholding the FTC’s authority to regulate companies’...more

Cybersecurity and the Aviation Sector: Recent Incidents Highlight Unique Risks

Given the range of threats and the catastrophic impact an attack could have on an airline, strategizing to reduce the risk of breaches and implementing plans to deal with them once they occur should be prioritized at board...more

FCC Settles First Data Security Enforcement Action

On July 9, 2015, the Federal Communications Commission settled its first data security case with two related telecommunications carriers – TerraCom, Inc. and YourTel America, Inc. – for $3.5 million. The settlement resolves...more

Banks’ Class Certification Motion Trumpets Target Data Security Failings, Ignores Impact of Card Association Settlements

Card-issuing banks are forging ahead with their lawsuit against Target arising from the 2013 holiday shopping season data breach. Their July 1 motion for class certification has just been unsealed, allowing a glimpse at...more

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

1,509 Results
|
View per page
Page: of 61

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×