Last week, in a 26-page opinion, the 11th U.S. Circuit Court of Appeals weighed in on two questions crucial to the viability of privacy and data breach litigation in federal court—and perhaps even in general. First, does a...more
Researchers at Sentinel One and Dragos have detected malicious code, called EKANS or Snake, that has been designed specifically to target industrial control systems (ICS), including those of oil refineries, manufacturing...more
The predictions set forth in Experian’s Seventh Annual Data Breach Industry Forecast make sense and are worth a read. We are starting to see these types of intrusions and scams, and our experience is that once these types of...more
Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain...more
In November, cannabis won big in the midterm elections–in Michigan, the legalization of recreational cannabis passed, the legalization of medical cannabis passed in Utah and Missouri, and several states elected governors who...more
In a recent case involving hackers that stole "payment card data" from Chipotle, Judge William J. Martinez in the United States District Court for the District of Colorado found on an issue of first impression that payment...more
BIPA - Medline and Con Tech Lighting Latest Illinois Employers Hit With Claims under BIPA • Two Illinois employers, Con Tech Lighting and Medline Industries, are the latest to face claims alleging violations of Illinois’...more
In February 2014 the U.S. National Institute of Standards in Technology (‘NIST’) published the ?rst NIST Cybersecurity Framework, responding to an Executive Order on improving critical infrastructure cybersecurity issued by...more
Judge Trims Proposed Class Action Over Wendy’s Data Breach - Torres v. Wendy’s Int’l, LLC, No. 16-cv-0210 (PGB) (DCI) (M.D. Fla. Mar. 21, 2017). A U.S. district court judge in Florida trimmed a proposed class action...more
New filings in the consolidated Home Depot data breach litigation, which we have previously covered on this blog, indicate that Home Depot and the remaining financial institution plaintiffs have reached a settlement. ...more
The Eighth Circuit Court of Appeals has remanded a $10 million settlement in the Target data breach class action on the grounds that the district court had not rigorously analyzed the propriety of the class certification. ...more
Lightspeed, a retail point-of-sale company that provides cloud-based services to 38,000 clients, has reported that its central database, which stores client information on sales, products, encrypted passwords, and in some...more
Last week the clothing retailer Eddie Bauer LLC issued a press release to announce that its point of sale (“POS”) system at retail stores was compromised by malware for more than six months earlier this year. The...more
Phoenix, Arizona, based Banner Health (Banner), reportedly one of the largest health care organizations in the country, began notifying up to 3.7 million patients this week of a data breach of its computer systems that...more
Omni Hotels notified guests on Friday, July 8, 2016, that its point of sale systems were compromised with malware from December 23, 2015, through June 15, 2016....more
2015 - The Price of Customer Loyalty: Rewards Programs and Sales and Use Tax Issues - 09.21.2015 - Retailers and other businesses use loyalty and rewards programs to draw in customers throughout the year. However,...more
Trump Hotel Collection, the high-end hotel chain owned by the billionaire Republican presidential hopeful and real estate developer Donald Trump, has confirmed a data security breach involving malware that the company says...more
In 2014, grocers and restaurants continued to be plagued by attacks leading to the theft of credit card information. Among others, Supervalu Inc. and Jimmy John’s both experienced intrusions in 2014, extending the string of...more
Concluding our three-part analysis of the White House’s first Summit on Cybersecurity and Consumer Protection, we turn to some practical advice coming out of the Summit’s afternoon session, including an address by Maria...more
Some weeks ago, we wrote a piece “What You Need to Know About Backoff Malware: The New Threat Targeting Retailers” . It’s apparently gotten worse. Any business utilizing point-of-sale (POS) terminals for “swiping” credit...more
The Secret Service, which investigates financial crimes, issued a security Alert on July 31, 2014, warning of malware named “Backoff” that was being used to steal payment card data from point-of-sale (POS) systems. The Alert...more
The phrase “back off” is an implied threat typically reserved for bumper stickers and mud flaps, but if you are a retailer that permits the use of remote desktop applications in your business, the name Backoff should be...more
As April comes to a close, it’s time once again for Verizon Enterprise Solutions’ Data Breach Investigations Report to remind us just how important data security is to the corporate world. Released Wednesday, the report,...more
Our headline today does not refer to those annoying ads that “pop-up” when you visit websites. We’re talking about the hottest trend in seasonal retailing – the pop-up store. These are the “here today, gone tomorrow”...more