The Briefing: Failure to Disclose Relationship with Real Party in Interest Results in Serious Sanctions
Podcast: The Briefing - Failure to Disclose Relationship with Real Party in Interest Results in Serious Sanctions
Joseph Sullivan, Uber’s beleaguered former Chief Information Security Officer, was back in the news last month when he appealed his 2023 conviction for his role in concealing a 2016 breach of Uber’s network and customer data....more
On October 22, 2024, the Securities and Exchange Commission (“SEC”) filed settled enforcement orders involving four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Ltd, and...more
The Nutter Securities Enforcement Update is a periodic update of noteworthy recent securities enforcement activity, settlements, decisions, and charges. We provide brief summaries that highlight recent enforcement action...more
A New Your federal district judge handed down a significant decision dismissing much of the SEC’s securities fraud enforcement action against SolarWinds arising from its claims relating to SolarWinds’ cybersecurity policies,...more
In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...more
The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more
In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this...more
The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer...more
Designed for busy in-house counsel and compliance professionals, this newsletter seeks to bring you up to speed on key federal and state False Claims Act (FCA) developments, with links to primary resources. Each quarter, we...more
In order to provide an overview for busy in-house counsel and compliance professionals, we summarize below some of the most important SEC enforcement developments from the past month, with links to primary resources...more
Circuits Split Over Whether Targeting Is Necessary for Seller Liability - Key Points - - While courts have long held that solicitations must be tailored to a particular audience to precipitate statutory seller liability,...more
On October 5, 2022, after a monthlong jury trial, former Uber Chief Information Security Officer Joseph Sullivan was found guilty of obstructing proceedings of the Federal Trade Commission (FTC) and misprision of a felony...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Key Points - Fourth Circuit points to SEC guidance on “less is more” approach to cybersecurity disclosures, while finding such disclosures did not violate federal securities laws. Omissions of data vulnerabilities were...more
Observers have been awaiting decisions in a number of cybersecurity and privacy securities fraud class actions with potentially important implications for corporate liability. Over the last several weeks, critical...more
Last week, the District Court for the Eastern District of California denied the defendant’s motion for summary judgment of a False Claims Act (FCA) count against Aerojet Rocketdyne (Aerojet) for allegedly fraudulently...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
SCOTUS Vacates Class Certification In Suit Against Goldman Sachs And Clarifies Appropriate Scope Of Price Impact Evidence; Stockholders Strike $110 Million Settlement In Suit Alleging Breaches Of Fiduciary Duties By Former...more
Federal authorities have recently described the threat of economic espionage from foreign entities as one of the greatest threats to the economic vitality of the United States, and this has led to an increase in...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
The U.S. Securities and Exchange Commission announced on April 24, 2018 that Yahoo! (now known as Altaba, Inc.) agreed to pay a $35 million civil penalty to resolve claims that it failed to appropriately and timely disclose...more
The Situation: The SEC accused Altaba Inc., then known as Yahoo! Inc., of misleading investors by failing to disclose a major data breach orchestrated by Russian hackers. The Result: Altaba has agreed to pay $35 million to...more
The fallout from the Yahoo data breaches continues to illustrate how cyberattacks thrust companies into the competing roles of crime victim, regulatory enforcement target and civil litigant. ...more
The Securities and Exchange Commission (SEC) has undertaken its first enforcement action in connection with a public company’s failure to timely disclose cyber-issues. Last month, Altaba Inc., the former Yahoo! Inc. (Yahoo!),...more