Data Breach

News & Analysis as of

California Court Dismisses CMIA Claim Based on Possession of Stolen Medical Data

A health organization narrowly averted paying a potential $4 billion in damages under the California Confidentiality of Medical Information Act (CMIA) for losing the medical records of more than 4 million patients. Plaintiffs...more

By “Any Manner” Of Means: Securing Cyber-Crime Coverage After Zurich v. Sony

Much has been written about the New York Supreme Court’s landmark ruling in Zurich American Insurance Co. v. Sony Corp., Index. No. 651982/2011 (N.Y. Supr. Ct. Feb. 21, 2014), in which a New York trial court denied coverage...more

The Trend of Stricter State Data Breach Laws Continues with Florida

Florida’s new Florida Information Protection Act, Fl. Stat. § 501.171, became effective July 1, 2014. The new law repeals and replaces Florida’s existing data breach notification requirements (Fl. Stat. § 817.5681) with more...more

Cybersecurity Litigation Monthly Newsletter

As we discussed in July, Tiversa, a “cyber-intelligence” company, notified the FTC in 2009 that a file containing the personal information of about 9,300 LabMD patients was available on a peer-to-peer file sharing network....more

Target Files Motion to Dismiss Data Breach Lawsuit

By now, we all know about the massive data breach at national retailer Target over the 2013 holiday season. The cyber-attack was carried out by sophisticated criminal hackers, who allegedly gained access to Target’s network...more

To Speak Or Not To Speak About A Data Breach

I recently posted about some companies making the decision to not announce when a data security breach has occurred, or at least they would think twice before announcing. According a couple crisis communication experts, that...more

September 22, 2014: Quickly approaching deadline to amend business associate agreements

The HIPAA Omnibus Rule, enacted last year, made a number of changes to the HIPAA privacy, security and breach notification rules. Some of these changes affected business associate provisions of the HIPAA privacy and security...more

Health Care Update - September 2014

In This Issue: - HealthCare.gov Hacking Breach - Implementation of the Affordable Care Act - Other Federal Regulatory Initiatives - Other Congressional and State Initiatives - Other Health...more

The Congress Ramps Up Action On Cybersecurity Legislation - Possibilities For Data Protection/Breach Legislation Still Exist

While not a day goes by without a new cybersecurity attack, the recent news of the Russian criminal gang who is alleged to have stolen over 1 billion user names and passwords as well as 500 million email addresses reinforces...more

Privacy Monday – September 2014

Back to school, back to traffic jams … back to Privacy Mondays! Our look at bits and bytes and goofs and gaffes in data privacy and security....more

Illinois Court Dismisses Plaintiffs Privacy Claims Arising out of HIPAA Breach

On July 10, 2014, a Kane County, Illinois Circuit Court granted a motion to dismiss with prejudice in favor of Advocate Health & Hospitals Corporation (Advocate) in a class action case arising out of a breach of patients'...more

Week in Review

Some popular online services made legal headlines this week. After years of litigation, a federal appeals court held that Yelp did not extort businesses by manipulating user reviews to coerce advertising purchases. While Yelp...more

Another day, another data breach…..DIYers, beware. This time it’s Home Depot.

It appears that the data breach victim of the week (perhaps of the year) is The Home Depot. Brian Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black...more

Lessons from the iCloud Celebrity Hack

The highly publicized hacking of the iCloud accounts of dozens of celebrities was disclosed over Labor Day weekend and has raised larger, more serious concerns regarding the security of personal and corporate data held in the...more

PREVENTING AND RESPONDING TO DATA BREACHES IN AN ERA OF CYBER INSECURITY [Video]

Rarely does a day pass without new news of a data breach of some company around the world. It has impacted virtually every industry from hospitality to retail. What should companies do to avoid being the next target of...more

FRANCE: Orange receives a public warning from the French Data Protection Authority (CNIL) following a security breach in a...

The CNIL’s decision provides useful guidance on security measures that the CNIL considers must be taken by data controllers. Earlier this year, Orange discovered that the database of one of its sub-subcontractors had...more

Nebraska Federal Court Refuses To Dismiss Suit Claiming Breach Of Contract, Violation of State Law for Unauthorized Credit Card...

On August 20, the U.S. District Court for the District of Nebraska denied motions to dismiss filed by a Nebraska bank and two credit card processing companies in response to a purported class action filed by a merchant...more

Learning from Target: Insurance Coverage for Data Breaches

Cyber liability is a clear and present danger. Target Corp. recently reported at least $235 million as gross expenses related to its 2013 data breach. Fortunately, Target was able to recover $90 million of that loss under...more

Massive Online Security Breach – Are You Reactive or Proactive?

A few weeks ago, a Russian cyber gang amassed around 1.2 billion user name and password credentials belonging to more than 500 million email addresses. This may be to date the largest cache of stolen data. The cyber gang...more

Amendments to California’s security breach notification bill head to governor: key action points for businesses

In what has become almost an annual ritual, California is poised to tweak its security breach notice law. Last year, in language DLA Piper lawyers helped to draft on behalf of the State Privacy & Security Coalition, the...more

Out of the Box: Legal guidance for the consumer product + retail industry - Volume 2, Issue 2, Summer 2014

In This Issue: - Are Offers Of Free Credit Monitoring About To Become Mandatory In Data Breach Incidents? - Mandatory “Made-In” Labeling in the EU - A New Dawn for California Class Actions - Recent...more

The Board of Directors and Cybersecurity: Setting up the Right Structure

Security breaches have become a staple of the daily news. A national restaurant chain announced in August 2014, that a payment card processing system breach involved 33 restaurants in 18 states and that the incident lasted...more

Quirky Question #240, Breach Notification Laws

Question: Our company has employees and operations in multiple states, and I’m concerned about complying with data breach laws in the various locales. What’s the status of the law on data break...more

Weighing in – 1.2 Billion Usernames and Passwords. What, Me Worry About CyberSecurity?

Last month one of our lead articles was Cyber Security: Forewarned is Fair-Warned. Last week the New York Times published an article reporting that at least 1.2 billion usernames and passwords were hacked by a Russian...more

Week in Review

Significant electronic data breaches made headlines again this week. Supervalu announced that millions of customer credit card numbers were stolen at various stores. ...more

734 Results
|
View per page
Page: of 30