News & Analysis as of

Capital One Data Breach

Genova Burns LLC

DoorDash Hacker Incident Illustrates Third-Party Vendor Risks and Potential Vulnerabilities

Genova Burns LLC on

​​​​​​​Hackers have increasingly focused on third-party vendors as avenues to data held by associated businesses. On August 25, 2022, DoorDash announced that it had experienced a data breach which impacted the personal...more

The Volkov Law Group

Regulatory Implications from 2019 Capital One Hack and Recent Conviction of Former AWS Engineer

The Volkov Law Group on

Paige Thompson, a former Amazon Web Services employee, was recently convicted of seven counts of fraud in U.S. District Court for stealing personal data from more than 100 million customers from unsecured accounts stored on...more

Moore & Van Allen PLLC

Capital One Reaches $190 Million Settlement In Connection with 2019 Data Breach

Moore & Van Allen PLLC on

The saga of the Capital One data breach, which impacted an estimated 106 million individuals in the U.S. and Canada, may soon be coming to an end. After more than two years of litigation, the parties have reached a settlement...more

Bilzin Sumberg

Recent Settlements and Penalties Show Perils of Data Breaches

Bilzin Sumberg on

Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more

Woods Rogers

Questions About Tort and Contract Claims in the Cybersecurity Context Left Unsettled

Woods Rogers on

Supreme Court of Virginia Declines Certified Questions from Federal Court in In re: Capital One Consumer Data Security Breach Litigation - The lawsuit In re: Capital One Consumer Data Security Breach Litigation, has already...more

Mintz - Privacy & Cybersecurity Viewpoints

Another Court Orders Production of Cybersecurity Firm’s Forensic Report in a Data Breach Case

Another district court just ordered the defendant in a data breach class action to turn over the forensic report it believed was entirely protected from disclosure by the attorney-client privilege and work product doctrine....more

Akin Gump Strauss Hauer & Feld LLP

Update: Protecting Privilege: Top 10 Checklist for Cybersecurity Forensic Investigation Reports

In ongoing multidistrict litigation concerning Capital One’s 2019 data breach, Capital One succeeded in defeating a motion to compel disclosure of a privileged root cause analysis conducted by PwC. In contrast to an earlier...more

Akin Gump Strauss Hauer & Feld LLP

Protecting Privilege: Top 10 Checklist for Cybersecurity Forensic Investigation Reports

- In ongoing multidistrict litigation concerning Capital One’s 2019 data breach, Capital One succeeded in defeating a motion to compel disclosure of a privileged root cause analysis conducted by PwC. - In contrast to an...more

Society of Corporate Compliance and Ethics...

Capital One fined for inadequate data controls

Report on Supply Chain Compliance 3, no. 16 (August 20, 2020) - The Office of the Comptroller of the Currency fined Capital One USD 80 million for inadequate data controls leading to a 2019 data breach and for failing to fix...more

Bond Schoeneck & King PLLC

Fallout from Capital One Breach Continues as Company is Ordered to Pay $80 Million Fine

Just over a year ago, on July 19, 2019, one of the largest confirmed data breaches in history was identified. The Capital One data hack exposed the personal information of more than 100 million customers and credit applicants...more

Patterson Belknap Webb & Tyler LLP

Capital One to Pay $80 Million Fine for 2019 Data Security Hack

As we previously reported, Capital One Financial Corporation announced in July 2019 a major data security breach when an individual gained unauthorized access to personal information about Capital One credit card customers. ...more

Mitchell, Williams, Selig, Gates & Woodyard,...

Back to Basics: Valuable Reminders from Capital One's Data Breach

In March 2019, Capital One experienced a significant hacking incident in which a former tech company software engineer for Amazon Web Services (AWS), Capital One’s cloud hosting company, exploited a misconfigured open-source...more

Robinson & Cole LLP

Data Privacy + Cybersecurity Insider - August 2020

Robinson & Cole LLP on

CYBERSECURITY - Maze Continues to Strike Companies - It is being reported by ZDNet that the Maze ransomware group has attacked two companies that, apparently, refused to pay the requested ransom, so Maze, as it...more

Robins Kaplan LLP

Financial Daily Dose 8.7.2020 | Top Story: White House Issues EOs Banning Transactions with TikTok and WeChat Parent Companies in...

Robins Kaplan LLP on

Dramatically escalating the growing tension with China (despite considerable ambiguity in its language), the White House issued executive orders that would “ban all ‘transactions’” with ByteDance, the Chinese owner of TikTok,...more

Robinson+Cole Data Privacy + Security Insider

Capital One Settles with Bank Regulator for $80M for Data Breach

The U.S. Office of the Comptroller of the Currency (OCC) announced this week that it has entered into a Consent Order and fined Capital One $80 million for the data breach the company experienced last year....more

Woods Rogers

Protecting Your Organization: Eastern District of Virginia Rules Cybersecurity Incident Report Not Privileged Work Product

Woods Rogers on

On May 26, 2020, in In re Capital One Consumer Data Security Breach Litigation, MDL 1:19md2915 (E.D. Va.) the Federal District Court for the Eastern District of Virginia (Alexandria Division) (Anderson, J.) held that a...more

Hinshaw & Culbertson - Insights for Insurers

Capital One Loses Bid to Shield Post-Breach Report from Consumer Plaintiffs

On June 25, a Federal District Court in Virginia (Anthony J. Trenga, U.S.D.J.) affirmed a Magistrate Judge's Order requiring Capital One to produce a vendor's post-breach forensic report to plaintiffs in a consumer class...more

Saul Ewing LLP

Federal Court Erodes Work Product Protections for Data Breach Investigations

Saul Ewing LLP on

In a recent decision, a Virginia federal magistrate judge held that the attorney work product doctrine did not protect from discovery a forensic investigation report created for Capital One in the wake of a 2019 data breach....more

Hinshaw & Culbertson - Insights for Insurers

No Protection for Vendor's Forensic Report in Post-Breach Litigation? - Preserving Privilege and Work Product Protection in Light...

A May 26, 2020 order by U.S. Magistrate Judge John F. Anderson (E.D. Va.) that attorney work product protection did not preclude production of a forensic vendor's data breach investigation report to plaintiffs in the Capital...more

Womble Bond Dickinson

Federal Court Finds Cybersecurity Forensic Report Not Privileged Under Attorney Work Product Doctrine

Womble Bond Dickinson on

The United States District Court for the Eastern District of Virginia (Court) has held that a cyber-forensic investigation report was not protected by the attorney work product doctrine and ordered Capital One to produce it...more

White and Williams LLP

Protecting Your Organization: Lessons from In re Capital One for Third-Party Cybersecurity Incident Reports

In the action In Re Capital One Consumer Data Security Breach Litigation, No. 19-2915 (E.D. Va.) (Capital One), a Virginia federal court determined that a forensics investigation report conducted by a third-party investigator...more

Patterson Belknap Webb & Tyler LLP

Magistrate Judge Finds Data Breach Investigation Report Not Privileged

Last week, a magistrate judge in the Eastern District of Virginia held that a breach report prepared by Mandiant (a digital forensics investigator, among other things) in response to the Capital One data breach was not...more

Vinson & Elkins LLP

Capital One Court Sends Mixed Signals, Finds Pre-Existing Cyber-Breach Response Plan Prevents Work Product Protection

Vinson & Elkins LLP on

A recent order by a federal court in Virginia rejected arguments that a cybersecurity consultant’s data breach report, which had been prepared at the direction of outside legal counsel, qualified for work product protection....more

Hogan Lovells

Cyber Investigations and Privilege: Court Finds Forensic Report not Covered by Work Product Doctrine

Hogan Lovells on

Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in...more

Mintz - Privacy & Cybersecurity Viewpoints

Businesses Beware: Incident Reports May No Longer Have Attorney Work Product Protection Absent Careful Planning

In an unprecedented ruling, one federal court recently held that the work product doctrine does not protect the expert cybersecurity report prepared after a data breach. The court ordered the release of the unredacted...more

46 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide