No Password Required: Chief Adversarial Officer at Secure Yeti, a DEF CON Groups Global Ambassador, and a World-Class Awkward Hugger
Digital Planning Podcast Episode: When Cyber Attacks Hit Home
Overview of Cybersecurity in Government Contracts
Cybersecurity: What Healthcare Providers Need to Know
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
No Password Required: The Sailing CTO of Sylint Group Who Routinely Defends Against Nation-State Attacks on Critical Infrastructure
Webinar Recording - Crypto Breaches: Legal & Regulatory Update
No Password Required: A Cybersecurity Education Specialist, Whose Passions Include the Forest, DIY, and Deviled Eggs
Cyberside Chats: Everyone wants to be Batman. Hacking Back & Cybersecurity Law
Defense In-Depth: Cybersecurity For Energy
Greetings and Felicitations - Aly McDevitt on Ransomware Case Study, Part 2
Not If, but When: A Data Protection Roadmap for Legal Teams in a Post-Pandemic World
How to Protect your Organization From a Cybersecurity Attack
Phishing: Cybersecurity’s Biggest Threat
No Password Required: An Infowar Expert Paved the Path From Rock-And-Roll to Cybersecurity
Cybersecurity & Data Privacy Webinar Series: Password Protected: Essential Cybersecurity & Data Privacy Planning for Your Small Business
CF on Cyber: The Anatomy of a Ransomware Attack - Part 2
CF on Cyber: The Anatomy of a Ransomware Attack - Part 1
Fighting Cyber Crime: The $1 Trillion Invisible Threat
Podcast: How Can Companies in the Health Care and Life Sciences Industries Strengthen Their Cybersecurity Posture? - Diagnosing Health Care
On February 4, 2021, the Eleventh Circuit affirmed the dismissal of a customer’s proposed class action lawsuit against a Florida-based fast-food chain, PDQ, over a data breach. The three-judge panel rejected the argument that...more
A recent ruling in Parziale v. HP, Inc., arising out of the implementation by Hewlett-Packard (“HP”) of a remote firmware update on many models of the company’s printers, highlights the potentially broad application of the...more
In 2017, the FTC filed a complaint against D-Link Systems, Inc. (D-Link) alleging that the Taiwan-based computer networking equipment manufacturer had taken inadequate security measures which left its wireless routers and...more
On June 28, 2018, Adidas released a statement announcing that it recently “became aware that an unauthorized party claims to have acquired limited data associated with certain Adidas consumers.”...more
Wage and Hour - Decision Upholds Class Action Waivers in Arbitration Clauses, Resolves Circuit Split - The U.S. Supreme Court issued a long-awaited decision in Epic Systems Corp. v. Lewis on May 21, 2018, holding that...more
The cities of Chicago and San Francisco and the Massachusetts Attorney General have filed the first enforcement actions against Equifax following the announcement of a data breach affecting an estimated 143 million consumers....more
According to the Breach Level Index, the total number of data records lost or stolen in just the first half of 2016 was 554,454,942, stemming from 974 breach incidents. In the entire year of 2015, there were 707.5 million...more
The Federal Trade Commission has filed a lawsuit in federal court claiming that a networking equipment manufacturer engaged in unfair and deceptive acts, exposing thousands of consumers to the risk of cyberattack from...more
This year has been a busy year for education law in the area of data privacy. Educational institutions continue to be a rich target for hackers. Additionally, there were some important developments in the interpretation of...more
3The FTC recently examined peer-to-peer (P2P) payment systems and crowdfunding in the second forum of its FinTech series. P2P payment systems are online services that allow consumers to share money electronically. These...more
We previously reported that 21st Century Oncology suffered a data breach in October 2015 involving an intrusion into its systems which compromised around 2 million patients’ records, including their names, Social Security...more
In Case You Missed It: The Federal Trade Commission issued an opinion in the LabMD case, overturning an ALJ’s November 2015 decision holding that the FTC failed to meet its burden to prove that LabMD’s data security...more
In the aftermath of major data breaches at deep-pocketed retailers and other businesses, there is typically no shortage of litigants who move quickly to seek compensation from the business at which the breach occurred. But...more
We wrote about Wendy’s investigation into a data breach at its chain restaurants at the beginning of January, and now Wendy’s faces a class action over that same breach. The suit claims that Wendy’s negligently exposed...more
This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more
The government appears to be increasing its enforcement efforts regarding cybersecurity risks. A three-judge panel of the U.S Court of Appeals for the Third Circuit recently held the FTC may bring a claim that a company’s...more
Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more
In Part I, we discussed the Third Circuit's finding that the "unfair" prong of the FTC Act does not require the agency to provide specific cybersecurity standards with "ascertainable certainty" to which companies must...more
In a resounding win for the Federal Trade Commission (“FTC”), the Third Circuit unanimously affirmed the FTC’s power to regulate cybersecurity under the unfairness prong of the FTC Act (15 U.S.C. §45). FTC v. Wyndham, Case,...more
Third Circuit Affirms FTC’s Authority Over Cybersecurity: In the Wyndham case, the Third Circuit affirmed that the FTC has the authority to regulate cybersecurity under Section 5 of the FTC Act, and that the language of...more
The Federal Trade Commission (FTC) can regulate cybersecurity policies and procedures as “unfair” acts or practices under Section 5 of the FTC Act, the U.S. Court of Appeals for the Third Circuit has ruled in a very important...more
Banks and other companies subject to the CFPB’s jurisdiction face the possibility that the CFPB could begin using its authority under Sections 1031 and 1036 of the Dodd-Frank Act (which proscribe unfair, deceptive or abusive...more
On August 24, 2015, the United States Court of Appeals for the Third Circuit issued a precedential opinion in the matter of Federal Trade Commission v. Wyndham Worldwide Corporation, et al., No. 14-3514 (3d. Cir., Aug. 24,...more
Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more
Over one year ago, our colleague Chris Hart argued that the District of New Jersey court’s decision in FTC v. Wyndham Worldwide Corp. et. al., No. 13-1887-ES, “point[ed] to the possibility that the FTC has potentially broad...more