No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
On July 11, a split U.S. Court of Appeals for the Eleventh Circuit partially vacated the greenlighting of two data breach class actions, holding that a district court must re-analyze the boundaries of the classes. Both the...more
Data incident lawsuits, especially class actions, have the potential to create significant business disruption, loss of marketplace credibility, civil liability or regulatory exposure. Consequently, companies that experience...more
Takeaway: Ever since the U.S. Supreme Court ruled in Clapper v. Amnesty Int’l USA, 568 U.S. 398, 416 (2013), that plaintiffs “cannot manufacture standing merely by inflicting harm on themselves based on . . . hypothetical...more
On October 18, 2022, in Webb v. Injured Workers Pharmacy, LLC, the District of Massachusetts dismissed a class action complaint brought by former pharmacy patients alleging that their sensitive personal information had been...more
A German Court has ordered pain and suffering damages as a result of a data breach, the first decision of its kind in Europe. According to the judgment, Scalable Capital has to pay the plaintiff, represented by consumer...more
Now more than ever, it is important for organizations to review and update their basic information security protocols (their incident response, business continuity and crisis communications plans), and to ensure they’re...more
Instead of identifying traditionally “tangible” injuries, data breach plaintiffs typically point to the fact that they may be the victim of identity theft at some point in the future. Prior to late April 2021, the federal...more
In the context of data breach class action litigation, the question of whether Article III standing can be satisfied is often dispositive of the outcome of an action. However, a deep circuit split currently exists between the...more
Takeaway: In Tsao v. Captiva MVP Restaurant Partners, LLC, 986 F.3d 1332, 1339 (11th Cir. 2021), the Eleventh Circuit held that evidence of a “mere data breach” is not sufficient to establish standing where the hackers...more
Last week, in a 26-page opinion, the 11th U.S. Circuit Court of Appeals weighed in on two questions crucial to the viability of privacy and data breach litigation in federal court—and perhaps even in general. First, does a...more
Today, data breaches continue to proliferate at a rapid pace, often spurring consumer class action litigation in their wake. Oftentimes, a successful data breach suit can empty a corporate defendant’s coffers. For example,...more
A federal court in California has ruled that the plaintiff in a putative class action alleging theft of non-sensitive personal information arising from a cybersecurity data breach lacks Article III standing to maintain his...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
Consumer data breach class actions, for all of their popularity on dockets and especially in headlines, can make difficult cases for plaintiffs. Issues like standing and damages often keep these cases from getting off the...more
We’ve previously blogged about the creative efforts of plaintiffs’ counsel to expand the contours of data breach litigation. ...more
As we head into the new week, here’s a quick summary of major data security developments from around the country. Aetna Hit With Second “Envelope” Lawsuit - Aetna Inc. is now facing a second lawsuit over the disclosure...more
A September 12, 2016 decision out of the U.S. Court of Appeals for the Sixth Circuit adds new fuel to an ongoing legal debate: when a data breach places a business’s sensitive customer information into the hands of hackers,...more
Several recent federal court decisions have shed additional light on the still-unsettled question of when a plaintiff has Article III standing to sue based on a data breach or other data security or privacy event. These...more
With the ever-increasing amount of personal information stored online, it is unsurprising that data breach litigation has become increasingly common. A critical issue in nearly all data breach litigation is whether a...more
The Federal Trade Commission unanimously (3-0) ruled on July 29, 2016 that LabMD’s data security practices were “unfair” under Section 5 of the FTC Act, reversing a decision of its Administrative Law Judge (ALJ). As we...more
One of the great scourges for retail companies in the digital age has been the ever-present threat of massive data breaches by hackers attempting to steal millions of consumers ’debit and credit card information. In...more
Data breaches and cybersecurity attacks appear to be growing in frequency. Despite the increase in the number of such attacks, plaintiffs have found it difficult to establish a legal foothold for data breach claims, as...more
In January 2014, luxury retailer Neiman Marcus disclosed that it had suffered a cyberattack in which hackers may have gained access to 350,000 credit and debit cards used at its stores in late 2013. Plaintiffs, all of whom...more
In the wake of numerous data breach cases dismissed for lack of Article III standing based on the Supreme Court’s decision in Clapper v. Amnesty Int’l USA, 133 S. Ct. 1138, 1147 (2013), the Seventh Circuit Court of Appeals...more