The U.S. Court of Appeals for the Third Circuit has found that plaintiffs must show a causal connection between the theft of their personal information and the purported harm that they have suffered in order to survive a...more
The U.S. Court of Appeals for the Fourth Circuit has found that allegations that fraudsters used the personal information of data breach victims are sufficient to establish standing even without any fraudulent charges...more
This week, the U.S. Court of Appeals for the Second Circuit issued an important decision in Whalen v. Michaels Stores, placing the court at the center of the controversy around what allegations are sufficient to establish...more
In the latest decision on Article III standing in a data breach case, the U.S. Court of Appeals for the Second Circuit ruled that a credit card holder – who neither pleaded specific facts about the time or effort spent...more
When data thieves steal payment card data, consumers suffer no legally cognizable injuries. Card issuers absorb the fraudulent charges and replace the affected cards. Because fraudulent charges are not billed to consumers,...more
The computer network of a Five Guys Burger franchise, RVST Holdings, LLC (RVST), was hacked. Customers’ credit card information was stolen and used to make numerous fraudulent charges. Trustco Bank brought an action against...more
The decision does not change the law on what is necessary to prove standing, although it does reinforce the notion that a plaintiff will have standing if he or she can allege a concrete injury. In the latest in a slew of...more
A federal judge in Pennsylvania has allowed a data breach class action against Coca-Cola and several bottling companies to proceed, finding that the plaintiff has Article III standing even though he had left Coca-Cola’s...more
On appeal to the Seventh Circuit, a three-judge panel opinion written by Chief Judge Woods reversed the lower court. Remijas v. Neiman Marcus Group, LLC, No. 14-3122, 2015 WL 4394814, at *3 (7th Cir. July 20, 2015). The panel...more
Attorneys for certain banks and other financial institutions that are caught up in Target’s 2013 data breach are objecting to the $67 million deal struck last week between the retailer and Visa Inc. The banks and credit...more
Companies can be fined by the federal government for failing to properly safeguard consumer data, according to a decision this week by Pennsylvania's federal appellate court....more
Since at least 2005, the Federal Trade Commission has asserted that it may regulate lax data security practices as an “unfair” business practice under Section 5 of the FTC Act. The Wyndham hotel chain was the first to...more
Global Payments, which processes credit card transactions, announced on March 30, 2012 that an unauthorized person gained access to a portion of its processing system. Global Payments later disclosed that Track 2 data (card...more