Identity Theft Data Breach

News & Analysis as of

Sixth Circuit: Substantial Risk of Harm and Mitigation Costs Sufficient to Confer Standing in Data Breach Case

On October 12, 2016, the U.S. Court of Appeals for the Sixth Circuit denied a petition for an en banc rehearing of its September 12 decision in Galaria, et al. v. Nationwide Mutual Insurance Company (Nos. 15-3386/3387). In...more

Data Breach Class Action Case Dismissed Against Barnes & Noble

A federal judge in Illinois dismissed the class action lawsuit filed against Barnes & Noble stemming from a data breach in 2013. The breach occurred when credit and debit card PIN pads were compromised at 63 Barnes & Noble...more

Cybersecurity Awareness Month: Visits From the Ghosts of Claims Past and Claims Future

Cybersecurity awareness month is nigh upon us again, and thus perspective is in order. 2016 brought us the first collection and analysis of the nascent claims history of the burgeoning cyber-insurance market. On August 27,...more

Galaria v. Nationwide: Data Breach Plaintiffs Standing Strong in the Sixth

This week, in the first post-Spokeo circuit court decision to address standing in a data-breach class action, the Sixth Circuit joined the Seventh Circuit in holding that plaintiffs whose sensitive personal information has...more

Post-Spokeo Standing: An Evolving Landscape

Several recent federal court decisions have shed additional light on the still-unsettled question of when a plaintiff has Article III standing to sue based on a data breach or other data security or privacy event. These...more

NAIC Cybersecurity Task Force Weighs Credit Freezes

On May 24-25, the NAIC Cybersecurity (EX) Task Force held an interim meeting to hear comments from various industry trade organizations and other interested parties on the proposed Insurance Data Security Model Law exposed...more

Plaintiffs Cannot Bring Data Breach Lawsuits Without Evidence That Information Will Be Used To Harm

The latest development in how American courts will handle the standing question for data breach class actions came last week when the U.S. District Court for the District of Columbia dismissed for lack of standing a putative...more

Recent Amendments To State Security Breach Notification Laws

Security breach notification obligations vary by state, including how a security breach is defined, the method for providing notice of the breach, and any requirements to notify state regulators. The following summarizes...more

Cyber Risk and Reality – Procuring Transportation in the 21st Century

With the rapid pace of innovation and deployment of intelligent transportation systems (ITS) to enhance existing transportation infrastructure, transportation officials frequently procure and manage sophisticated systems that...more

Federal District Court Dismisses Data Breach Class Action Complaint Against Scottrade

On July 12, 2016, the United States District Court for the Eastern District of Missouri granted Scottrade’s motion to dismiss a putative class action complaint that was predicated on the alleged theft of personal information...more

Cybersecurity News & Notes – July 2016 #3

In Case You Missed It: Court certifies class in suit against Apple. On July 15, 2016, U.S. District Judge Jon S. Tigar certified a class of users of the mobile app Path, who allege that Apple facilitated the app’s access...more

Omni Hotels latest hotel chain hit with malware

Omni Hotels notified guests on Friday, July 8, 2016, that its point of sale systems were compromised with malware from December 23, 2015, through June 15, 2016....more

Another One Bites the Dust: Maryland Federal District Court Dismisses Putative Data Breach Class Action for Lack of Standing

The United States District Court of Maryland recently dismissed a putative class action alleging that CareFirst’s failure to adequately secure the computer hardware storing their customers’ personal information led to two...more

Tracking The Elusive Consumer Data Breach Class Action

Following the Seventh Circuit’s recent decision in Lewert v. P.F. Chang’s China Bistro Inc., 2016 U.S. App. LEXIS 6766 (7th Cir. Ill. Apr. 14, 2016), many commentators quickly pronounced the Seventh Circuit fertile territory...more

How to Evaluate a Credit Monitoring Service

Organizations are not, generally, required to offer services to consumers whose information was involved in a breach. Nonetheless, many organizations choose to offer credit reports (i.e., a list of the open credit accounts...more

7th Circuit Court of Appeals finds Article III Standing for P.F. Chang’s Plaintiffs

On April 14, 2016, the Court of Appeals for 7th Circuit reinstated plaintiffs’ action against P.F. Chang’s restaurant chain that arose out of the well-reported breach of payment card information. The action was previously...more

Seventh Circuit Allows Data Breach Suit To Proceed Against P.F. Chang’s

On Thursday, April 14, 2016, the United States Court of Appeals for the Seventh Circuit reversed a lower court’s ruling and held that customers suing P.F. Chang’s China Bistro Inc. did have standing to sue for...more

7th Circuit Revives P.F. Chang’s Data Breach Class Action Suit

Last week, the Seventh Circuit revived a data breach class action against P.F. Chang’s restaurant in an important opinion that continues a plaintiff-friendly trend that began with the court’s opinion in the Neiman Marcus case...more

Sony settles employees’ class action suit for up to $8M

The Sony data breach in 2014 was one of the most significant breaches experienced and was a first on many fronts. It was alleged to have been caused by North Korean hackers (calling themselves Guardians of Peace) seeking to...more

Privacy Tip #28 – What do you do if you are a victim of IRS tax fraud?

It’s tax season. The dreaded April 15 federal tax filing deadline is looming. You try to be diligent, and you file your tax return early, hoping to get an early refund. But when you try to e-file your return, it gets rejected...more

Privacy Tip #27 – Complying with the new Rhode Island data security law

As we mentioned before, Rhode Island amended its Identity Theft Protection Act on June 30, 2015, which will become effective on June 26, 2016. Now is the time to think about and put processes in place for compliance with the...more

Beware of the CEO Email Request Phishing Scam: A Different Form of March Madness

Not only is it “March Madness” time, it is also prime tax return filing time. That means that the email scammers are out in full force as well. In the last 10 days, we have seen a marked uptick in what are called...more

Don’t Get Phished! Hackers Pose as CEOs to Steal Tax Information from HR and Payroll Professionals at Healthcare Organizations

Every tax season is plagued with scams to defraud individuals and companies for money from tax returns. However, this year has started off with a bang and this means that the healthcare industry has another reason to worry....more

Rhode Island Amends Identity Theft Protection Act

Rhode Island recently amended its 10-year-old Identity Theft Protection Act effective June 26, 2016, further defining and refining existing data security and breach notification requirements, and adding a requirement to...more

Plan Now to Comply with New Rhode Island Identity Theft Protection Act

Businesses, organizations, state and local governmental entities and individuals who collect and store personal information about Rhode Island residents should start planning now to comply with the new Rhode Island Identity...more

133 Results
View per page
Page: of 6
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.