The Briefing: Failure to Disclose Relationship with Real Party in Interest Results in Serious Sanctions
Podcast: The Briefing - Failure to Disclose Relationship with Real Party in Interest Results in Serious Sanctions
Joseph Sullivan, Uber’s beleaguered former Chief Information Security Officer, was back in the news last month when he appealed his 2023 conviction for his role in concealing a 2016 breach of Uber’s network and customer data....more
In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...more
The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more
The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer...more
Designed for busy in-house counsel and compliance professionals, this newsletter seeks to bring you up to speed on key federal and state False Claims Act (FCA) developments, with links to primary resources. Each quarter, we...more
In order to provide an overview for busy in-house counsel and compliance professionals, we summarize below some of the most important SEC enforcement developments from the past month, with links to primary resources...more
Circuits Split Over Whether Targeting Is Necessary for Seller Liability - Key Points - - While courts have long held that solicitations must be tailored to a particular audience to precipitate statutory seller liability,...more
On October 5, 2022, after a monthlong jury trial, former Uber Chief Information Security Officer Joseph Sullivan was found guilty of obstructing proceedings of the Federal Trade Commission (FTC) and misprision of a felony...more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Key Points - Fourth Circuit points to SEC guidance on “less is more” approach to cybersecurity disclosures, while finding such disclosures did not violate federal securities laws. Omissions of data vulnerabilities were...more
Observers have been awaiting decisions in a number of cybersecurity and privacy securities fraud class actions with potentially important implications for corporate liability. Over the last several weeks, critical...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
Federal authorities have recently described the threat of economic espionage from foreign entities as one of the greatest threats to the economic vitality of the United States, and this has led to an increase in...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
The U.S. Securities and Exchange Commission announced on April 24, 2018 that Yahoo! (now known as Altaba, Inc.) agreed to pay a $35 million civil penalty to resolve claims that it failed to appropriately and timely disclose...more
The Situation: The SEC accused Altaba Inc., then known as Yahoo! Inc., of misleading investors by failing to disclose a major data breach orchestrated by Russian hackers. The Result: Altaba has agreed to pay $35 million to...more
The fallout from the Yahoo data breaches continues to illustrate how cyberattacks thrust companies into the competing roles of crime victim, regulatory enforcement target and civil litigant. ...more
The U.S. Securities and Exchange Commission announced on April 24, 2018, that Yahoo! — now known as Altaba — agreed to pay a $35 million penalty to settle claims that the company failed to timely disclose a 2014 data breach...more
The Securities and Exchange Commission (the “SEC”) announced Tuesday that Altaba, the entity formerly known as Yahoo! Inc., has agreed to pay a $35 million penalty to settle charges that it misled investors by failing to...more
On March 2, Yahoo, Inc. (“Yahoo”) filed a proposed settlement in In re Yahoo Inc. Securities Litigation, which was filed in U.S. District Court in San Francisco. ...more