Tag Archives: Data breach

Sixth Circuit: Data Breach Victims’ Heightened Risk of Future Harm Establishes Article III Standing

One of defendants’ most significant arguments in opposing data breach victims’ negligence and breach of privacy claims has been that the claimants that have not suffered actual fraud or identity theft can show no cognizable injury and therefore lack Article III standing to assert their claims. Appellate decisions in the Seventh and Ninth Circuit have previously taken … Continue Reading

FTC Holds Private Information Disclosure In and Of Itself Sufficient Injury to Support Unfair Practices Claim

One of the recurring issues that has arisen as claimants and regulators have pursued cybersecurity-related claims against companies that have experienced a data breach is the question of what type or quantum of claimed injury is sufficient to sustain a claim. This issue has recurred in consumer cybersecurity-related damages actions and it has also arisen … Continue Reading

Wyndham Worldwide Settles Data Breach-Related FTC Enforcement Action

According to the company’s December 9, 2015 press release (here), Wyndham Worldwide has reached a settlement with the Federal Trade Commission in the long-running and high-profile civil action the agency filed against the company and its affiliates in connection with data breaches at the company during the period 2008-2010. Under the terms of the settlement, … Continue Reading

Guest Post: SEC’s Regulatory Action Against R.T. Jones: Did the Other Cybersecurity Shoe Just Drop?

On September 22, 2015, in what has been described as the SEC’s first cybersecurity-related enforcement action, the SEC announced that it had entered a settlement St. Louis-based investment advisor R.T. Jones Capital Equities Management, Inc., based on charges that the company had failed to establish the required cybersecurity policies and procedures in advance of a breach … Continue Reading

O.K., This Is a Big Deal: 7th Cir. Reinstates Neiman Marcus Consumer Data Breach Class Action

In a ruling that could provide an important boost future consumer data breach class action litigation, the Seventh Circuit has reinstated the Neiman Marcus data breach lawsuit, ruling that the district court erred in concluding that the plaintiffs’ fear of future harm from the breach was insufficient to establish standing to pursue their claims. As Alison … Continue Reading

Guest Post: Cybersecurity Enforcement: The FTC Is Out There

Along with the disruption and the reputational damage, a company experiencing a data breach can also find itself attracting the unwanted attention of regulators. Among the federal regulators that has proven to be active in data breach arena has been the Federal Trade Commission. In the following guest post, Robert Carangelo, Eric Hochstadt, and Gaspard Curioni of … Continue Reading

Target Directors and Officers Hit with Derivative Suits Based on Data Breach

  I have frequently noted that among the many exposures a company experiencing a data breach could encounter is the possibility of a shareholder suit alleging that the company’s board breached their fiduciary duties by failing to take sufficient steps to protect the company from a breach and its consequences. This possibility has now been … Continue Reading

Smaller Companies Should Consider Cyber-Liability Insurance

Smaller companies increasingly are the subject of data breaches  and those smaller companies “are the number-one target of cyber-espionage attackers,” according to a recent study detailed in a April 24, 2013 CFO.com article entitled “Should You Consider Cyber Insurance?” (here). Smaller companies increasingly are the subject of cyber attacks due to “inadequate security infrastructure for … Continue Reading
LexBlog