The Supreme Court has declined, for now, to decide when attorney-client privilege will apply to communications viewed by courts as made for both legal and other purposes. In October 2022, the Court granted certiorari in In...more
The fallout from one of Australia’s worst data breaches continues to unfold. As we previously reported, in October 2022, Russian hackers stole approximately 9.7 million customers’ sensitive data from Medibank, Australia’s...more
Medibank, one of Australia’s largest private health insurers, detected a ransomware attack in October 2022. The attackers, believed to be part of a criminal organization based in Russia, exfiltrated approximately 9.7 million...more
On June 24, 2022, the New York Department of Financial Services (“DFS”) announced a cybersecurity settlement with Carnival Corporation d/b/a Carnival Cruise Line, Princess Cruise Lines, Holland America Line, Seabourn Cruise...more
In a sign that it may be stepping up enforcement of New York’s Stop Hacks and Improve Electronic Data Security Act (“SHIELD Act”), the New York Attorney General’s Office (“NYAG”) announced on June 30, 2022 that it had reached...more
Ransomware attacks have become headline news in the mainstream media, and a hot topic not only on this blog but in government circles. And with good reason as the United States suffered a staggering 421.5 million ransomware...more
4/5/2022
/ Corporate Counsel ,
Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Information Reports ,
Popular ,
Ransomware ,
Risk Management
A little over two weeks ago, T-Mobile became the latest victim of a cyberattack when more than 50 million of their customers’ data was stolen. In the ensuing weeks, three class action suits have been filed against the...more
In the wake of a data breach, counsel will often require the assistance of a forensic firm in order to provide legal advice to their client. The forensic analysis—which is often memorialized in a report to counsel—is crucial...more
In a win for data privacy defendants, Walmart secured a ruling that favors a narrow interpretation of the California Consumer Privacy Act (CCPA). In Gardiner v. Walmart Inc. et al, 4:20-cv-04618-JSW, a Walmart customer,...more
On December 13, the software and service provider SolarWinds announced that its Orion software platform had been the target of a sophisticated cyber-attack that may have resulted in malicious code being pushed to as many as...more
As we previously described and as reflected in the rapidly increasing number of cyber-attacks since its start, the COVID-19 pandemic has triggered a shift in working practices that hackers and other bad actors are using to...more
9/4/2020
/ Coronavirus/COVID-19 ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Hackers ,
Medical Records ,
Medical Research ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware
Well before the California Attorney General’s power to enforce the California Consumer Privacy Act (CCPA) commenced on July 1, 2020, as we have recently reported, private plaintiffs had already jumped into the fray, suing...more
Last week, a magistrate judge in the Eastern District of Virginia held that a breach report prepared by Mandiant (a digital forensics investigator, among other things) in response to the Capital One data breach was not...more
The aftermath from one of the largest data breaches in U.S. history is nearing the end, as the presiding judge approved a proposed class action settlement resolving claims arising from Equifax’s September 2017 data breach. ...more
On August 28, 2019, almost a month after Paige A. Thompson was arrested based on allegations that she hacked into servers rented by Capital One Financial Corporation, a criminal indictment was returned charging her with one...more
In a significant ruling addressing the scope of the attorney-client privilege and work product doctrine in a data breach case, a Federal judge in Oregon ordered Premera Blue Cross, the Washington-based healthcare services...more
11/10/2017
/ Attorney-Client Privilege ,
Corporate Counsel ,
Cyber Attacks ,
Data Breach ,
Discovery ,
Health Insurance ,
HIPAA Breach ,
Personally Identifiable Information ,
PHI ,
Premera Blue Cross ,
Putative Class Actions ,
Work-Product Doctrine
Not all cybersecurity risks are the stuff of super-secret code hacks or high-tech digital attacks. One of the biggest culprits: off-the-shelf thumb drives (also known as flash drives or memory sticks) that you can purchase...more
New filings in the consolidated Home Depot data breach litigation, which we have previously covered on this blog, indicate that Home Depot and the remaining financial institution plaintiffs have reached a...more
3/13/2017
/ Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Debit and Credit Card Transactions ,
Financial Institutions ,
Home Depot ,
Malware ,
Point of Sale Terminals ,
Popular ,
Retail Market ,
Settlement
The United States Court of Appeals for the Third Circuit recently ruled that a data breach class action may proceed on the basis of a Fair Credit Reporting Act (FCRA) violation alone, even where the putative class members do...more
Boards of directors remain increasingly exposed to the threat of liability arising from data breaches and other cyber-incidents.
Nearly a year ago, Senators Jack Reed and Susan Collins introduced the Cybersecurity...more
Banner Health recently announced that hackers may have gained “unauthorized access to patient information” and “payment card data” from approximately 3.7 million patients, health plan members, food and beverage customers, and...more
Ransomware attacks at hospitals and other healthcare facilities have dramatically increased over the last several years, putting healthcare providers in the uncomfortable position of having to consider paying thousands of...more
8/9/2016
/ Breach Notification Rule ,
Covered Entities ,
Cyber Attacks ,
Data Breach ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Hospitals ,
New Guidance ,
PHI ,
Ransomware
More than a year and a half ago, Home Depot announced that it had been a victim of one of the largest data breaches in U.S. history. Media outlets reported that the breach had affected Home Depot’s customers who had made...more
5/9/2016
/ Article III ,
Banking Sector ,
Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Data Breach ,
Financial Institutions ,
Free Identity Theft Protection ,
Hackers ,
Home Depot ,
Malware ,
Negligence ,
Popular ,
Qualified Settlement Funds ,
Standing
From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more
4/26/2016
/ Business Associates ,
Covered Entities ,
Cyber Attacks ,
Data Breach ,
Data Security ,
Department of Health and Human Services (HHS) ,
Enforcement Actions ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Hospitals ,
OCR ,
PHI ,
Ransomware ,
Subcontractors
For your convenience, a short list of JD Supra writers covering the myriad issues raised surrounding Cybersecurity, date privacy and protection, and related matters. ...more