Latest Posts › Cyber Attacks

Share:

XZ Utils Supply Chain Attack Sheds Light on Vulnerabilities in Widely Adopted Open Source System

In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more

NYDFS Announces Draft Amendments to Cybersecurity Regulation

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) released Draft Amendments to its Cyber Security Regulations.  The Amendments, if adopted, would further regulatory trends and impose important new...more

Cyber Incident Reporting for Critical Infrastructure Act Becomes Law

On March 15, 2022, President Joe Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), which increased funding for the federal Cybersecurity and Critical Infrastructure Agency (CISA) and...more

Predictions for Privacy & Data Security in 2022

2021 proved to be a momentous year for privacy and data security law. The scourge of ransomware continued last year, leading to record-setting ransomware payments, a muscular response from the federal government, a hardening...more

Federal Court Holds that Cloud Service Provider is Subject to CMIA

On August 12, 2021, the United States District Court for the District of South Carolina issued an opinion denying in part and granting in part a motion by Blackbaud to dismiss seven statutory claims brought by plaintiffs in a...more

Federal Court System—And Possibly Sealed Filings—Breached in Connection With SolarWinds Hack

The Administrative Office of the U.S. Courts (the “AO”) recently disclosed that it has initiated an investigation into an apparent compromise in security of the Judiciary’s Case Management/Electronic Case Files System...more

To Pay or Not to Pay? Evolving Legal Considerations With Ransomware

1. Overview of the regulatory issues facing companies—and cyber insurers—that may need to respond to ransomware emanating from a threat actor or group with potential ties to entities on federal lists.- The U.S. Treasury...more

Delaware and New Hampshire Join Growing List of States With New Insurance Data Security Laws

Delaware (July 31, 2019) and New Hampshire (August 2, 2019) have become the latest states to add to the insurance cybersecurity landscape by enacting information security laws.  These laws come on the heels of Connecticut’s...more

Connecticut Becomes Latest State to Enact Insurance Data Security Law

On July 26, 2019, Connecticut Governor Ned Lamont signed into the law the state’s new Insurance Data Security Law, which imposes new information security, risk management, and reporting requirements for carriers, producers,...more

Arizona Strengthens and Expands Data Breach Notification Law

The Arizona Legislature has significantly expanded and strengthened the state's data breach notification law. The legislation was signed by Arizona Governor Doug Ducey on April 11, 2018....more

What Arizona Companies Need to Know About Arizona Cybersecurity Law

Given the nearly daily reports of data breaches, ransomware attacks and phishing exploits affecting entities of all sizes, Arizona entities should be aware that Arizona law may require them to provide notice to employees,...more

Oregon, New York, Alabama, and Rhode Island Join List of States Considering Data Breach Legislation Post-Equifax

Any entity that does business in these states or maintains confidential information of their residents should monitor the proposed data breach legislation discussed below: Oregon, New York, Alabama, and Rhode Island....more

Arizona Legislature Considers Strengthening Data Breach Notification Law

The Arizona State Legislature is considering proposed legislation that, if enacted, would significantly change the requirements for how Arizona entities respond to data breaches....more

Washington A.G. Sues Uber in First Enforcement Action Under Revised Data Breach Law

The State of Washington's Attorney General filed a complaint against Uber Technologies, Inc., (Uber) this week related to the 2016 hack that exposed the personal data of 57 million riders and drivers. The suit is the first...more

Eighth Circuit Issues Two Class Action Data Breach Rulings

In the span of just nine days, the U.S. Court of Appeals for the Eighth Circuit issued two rulings in class actions involving data breaches—one breach in 2013 at brokerage firm Scottrade and another in 2014 at grocery stores...more

Colorado District Court Dismisses Data Breach Class Action Against Noodles & Company

The U.S. District Court for the District of Colorado recently dismissed a proposed class action lawsuit filed by financial institutions relating to a 2016 data breach that involved hundreds of Noodles & Company (Noodles)...more

SEC Emphasizes Cybersecurity Preparedness in Wake of Global Ransomware Attack

The U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert in the wake of the widespread WannaCry ransomware attack that has inflicted hundreds of thousands...more

Eighth Circuit Remands Proposed Settlement in Target Data Breach Class Action

The Eighth Circuit Court of Appeals has remanded a $10 million settlement in the Target data breach class action on the grounds that the district court had not rigorously analyzed the propriety of the class...more

Plaintiffs Cannot Bring Data Breach Lawsuits Without Evidence That Information Will Be Used To Harm

The latest development in how American courts will handle the standing question for data breach class actions came last week when the U.S. District Court for the District of Columbia dismissed for lack of standing a putative...more

19 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide