Episode 108 -- The Capital One Data Breach and Vendor Cybersecurity Risks
When federal agencies review bank mergers, the competition issues typically relate to the number and location of physical branches and the extent of any overlap in the areas served. By contrast, the proposed $35 billion...more
Paige Thompson, a former Amazon Web Services employee, was recently convicted of seven counts of fraud in U.S. District Court for stealing personal data from more than 100 million customers from unsecured accounts stored on...more
The saga of the Capital One data breach, which impacted an estimated 106 million individuals in the U.S. and Canada, may soon be coming to an end. After more than two years of litigation, the parties have reached a settlement...more
Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more
In a harbinger of future enforcement actions surrounding AML compliance program violations, the Treasury Department’s The Financial Crimes Enforcement Network announced a $390 million settlement with Capital One for...more
House Financial Services Committee Sets Fintech Priorities for a New Administration - House Financial Services Committee Chairwoman Maxine Waters sent a letter to the incoming administration with nearly 50 pages of...more
In the most recent development in Cohen v. Capital One Funding LLC, a case seeking to certify a class asserting that New York State’s usury laws can apply to securitized credit card debts, Capital One-affiliated defendants...more
In Hammer v. Equifax, the Fifth Circuit affirmed the district court’s dismissal of FCRA claims against Experian and Equifax in a September 9, 2020 published decision. Accepting the allegations of the twice amended...more
As we previously reported, Capital One Financial Corporation announced in July 2019 a major data security breach when an individual gained unauthorized access to personal information about Capital One credit card customers. ...more
CYBERSECURITY - Maze Continues to Strike Companies - It is being reported by ZDNet that the Maze ransomware group has attacked two companies that, apparently, refused to pay the requested ransom, so Maze, as it...more
Dramatically escalating the growing tension with China (despite considerable ambiguity in its language), the White House issued executive orders that would “ban all ‘transactions’” with ByteDance, the Chinese owner of TikTok,...more
The U.S. Office of the Comptroller of the Currency (OCC) announced this week that it has entered into a Consent Order and fined Capital One $80 million for the data breach the company experienced last year....more
Last week, the U.S. District Court for the Eastern District of Virginia ordered Capital One to produce a forensic investigation report in multidistrict litigation arising out of the cyber incident Capital One announced in...more
On May 26, the District Court found in the In Re: Capital One Consumer Data Security Breach Litigation, MDL No. 1:19md2915 (AJT/JFA)(ED VA) that a report prepared by Mandiant concerning the Capitol One data breach (Breach...more
Capital One Required to Produce Forensic Report in Class Action - As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in...more
As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in litigation, and therefore, certain decisions are made in anticipation of...more
The Second Circuit’s decision in Madden v. Midland Funding, LLC was announced in 2015. Since that time, there have been a number of cases brought based on the Second Circuit opinion, as well as recent regulatory proposals...more
There were significant developments in 2019 as courts continued to issue important decisions in this space and significant legislation impacting the residential mortgage-backed securities (“RMBS”) market came into effect. A...more
The FCC has issued a notice announcing that it is seeking comment on a petition filed by Capital One Services, LLC (Capital One) that asks the FCC to issue a declaratory ruling to confirm that the recipient of an opt-out...more
Financial Services Update - TCPA / ATDS: lender's dialer equipment not an ATDS because it is not capable of generating and dialing random or sequential numbers - Brown v. Ocwen Loan Serv. LLC, No. 8:18-cv-136-T-60AEP (M.D....more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
When news of a major data breach, like the recent one at Capital One, makes headlines, the first response of many business owners may be to breathe a big sigh of relief that it wasn’t them. However, it’s critical that...more
Louisiana Governor John Bel Edwards, for the first time in history, declared a statewide cybersecurity emergency last week, following cyber-attacks against several school systems in the state. ...more
Many readers have reached out to learn about the Capital One data breach and how it affects us. If you haven’t been watching the story unfold as closely as I have, here is a summary of what happened, what information was...more