Litigation and legal developments concerning data breaches.
In honor of Privacy Day, Steven A. Augustino and Jack Pringle of Nelson Mullins have highlighted new security breach rules promulgated by the Federal Communications Commission (FCC). Their article begins by pointing out something also noted in the healthcare sector, where increasing concurrent jurisdiction increases the number of federal and state regulations entities must comply […]
FTC says company’s poor security allowed hacker to steal sensitive data of millions of consumers, go undetected for months South Carolina-based Blackbaud Inc. will be required to delete personal data that it doesn’t need to retain as part of a settlement with the Federal Trade Commission over charges that the company’s lax security allowed a […]
The Guardian reports: A former Central Intelligence Agency (CIA) software engineer who was convicted for carrying out the largest theft of classified information in the agency’s history and of charges related to child abuse imagery was sentenced to 40 years in prison on Thursday. The 40-year sentence by US district judge Jesse Furman was for […]
While advocates for more transparency and timely disclosures in response to data breaches were generally pleased with the new disclosure rule by the SEC that went into effect on December 18, not everyone was pleased. In November 2023, Senator Thomas Tillis [R-NC] introduced bill S.J.Res.50 – A joint resolution providing for congressional disapproval under chapter […]
NEW YORK – New York Attorney General Letitia James today sued Citibank, N.A. (Citi) for failing to protect and refusing to reimburse victims of fraud. The lawsuit alleges that Citi does not implement strong online protections to stop unauthorized account takeovers, misleads account holders about their rights after their accounts are hacked and funds are stolen, […]
Bloomberg News reports: A former Internal Revenue Service contractor who stole and leaked the tax returns of former President Donald Trump, Ken Griffin, Elon Musk and other billionaires was sentenced to five years in prison. Charles Littlejohn, 38, pleaded guilty Oct. 12 to stealing Trump’s tax data from the IRS and leaking it to the New York Times. He also admitted taking tax […]
Bloomberg Law reports on a case that probably has a lot of CISOs somewhat nervous: SolarWinds Corp. issued a full-throated denial of wrongdoing in how it handled one of the worst cyberattacks in history in a Friday court filing seeking the dismissal of US Securities and Exchange Commission allegations that its software security representations defrauded […]
Robinson + Cole informs us that the California Privacy Protection Agency (CPPA) has opened a new website at https://privacy.ca.gov/ with resources for California residents to help them understand their rights under the California Consumer Privacy Act (CCPA). The resources include how to submit a complaint against a business that has violated consumer rights under the […]
From the law firm of Polsinelli PC: Beginning on May 13, 2024, nonbanking “financial institutions” must notify the Federal Trade Commission (“FTC”) within 30 days of discovering a data breach involving the nonpublic personal information of at least 500 consumers. These covered organizations can include a wide variety of companies that engage in financial activities […]
Do you know what your cyber policy covers? (Southwest Airlines v. Liberty Insurance Underwriters)
An article by attorneys at Barnes & Thornburg LLP discusses a court case that serves as a useful reminder of how provisions of cyber policies may be interpreted when it comes to coverage of cyber-related incidents — even when those incidents are not data breaches. In 2016, Southwest Airlines suffered a computer system failure that […]