In the latest decision on Article III standing in a data breach case, the U.S. Court of Appeals for the Second Circuit ruled that a credit card holder – who neither pleaded specific facts about the time or effort spent...more
Kimpton Hotels and Restaurants has announced that it is investigating a point-of-sale credit and debit card breach affecting approximately two dozen of its properties in the U.S....more
The computer network of a Five Guys Burger franchise, RVST Holdings, LLC (RVST), was hacked. Customers’ credit card information was stolen and used to make numerous fraudulent charges. Trustco Bank brought an action against...more
The Payment Card Industry Security Standards Council (PCI SSC) has released a new version of its data security standard for the protection of cardholder data, the Payment Card Industry Data Security Standard (PCI DSS). PCI...more
It has been reported that Hilton Hotel Properties (Hilton), including Embassy Suites, Doubletree, Hampton Inn and Suites and Waldorf Astoria is investigating credit card fraud alerts from banks, which have been alerted by...more
On appeal to the Seventh Circuit, a three-judge panel opinion written by Chief Judge Woods reversed the lower court. Remijas v. Neiman Marcus Group, LLC, No. 14-3122, 2015 WL 4394814, at *3 (7th Cir. July 20, 2015). The panel...more
Attorneys for certain banks and other financial institutions that are caught up in Target’s 2013 data breach are objecting to the $67 million deal struck last week between the retailer and Visa Inc. The banks and credit...more
Although Target has tentatively settled consumer data breach class action claims, the retailer remains in the crosshairs of the plaintiffs’ class action bar. On September 15, a Minnesota federal district court certified a...more
The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more
Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more
Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more
On Monday, the Third Circuit issued a highly anticipated opinion affirming the Federal Trade Commission's authority to regulate "unfair" cybersecurity practices under Section 5 of the FTC Act. In allowing the data breach...more
The U.S. Court of Appeals for the Third Circuit released its much-anticipated ruling in Federal Trade Commission v. Wyndham Worldwide Corp. on August 24, 2015, unanimously upholding the FTC’s authority to regulate companies’...more
In January 2014, luxury retailer Neiman Marcus disclosed that it had suffered a cyberattack in which hackers may have gained access to 350,000 credit and debit cards used at its stores in late 2013. Plaintiffs, all of whom...more
In the wake of numerous data breach cases dismissed for lack of Article III standing based on the Supreme Court’s decision in Clapper v. Amnesty Int’l USA, 133 S. Ct. 1138, 1147 (2013), the Seventh Circuit Court of Appeals...more
Last week, a three-judge panel of the 7th U.S. Circuit Court of Appeals held in Remijas v. Neiman Marcus Group LLC that individuals whose debit and credit card numbers were stolen by cyberthieves who had hacked into Neiman...more
The Seventh Circuit reinstates the Neiman Marcus data breach class action lawsuit after finding that increased risk of future fraudulent charges and greater susceptibility to identify theft are sufficient for standing. ...more