Tag Archives: data breach disclosure

Guest Post: Beat the Clock: 5 Important Steps to Deal with Today’s Complicated Cyber Breach Disclosure World

Cybersecurity threats are on the rise. Companies that find themselves hit with data breaches face a number of challenges, including in particular the challenge of responding to strict breach disclosure and notification requirements. In the following guest post, Paul A. Ferrillo, a shareholder in the Greenberg Traurig law firm’s Cybersecurity, Privacy, and Crisis Management Practice, … Continue Reading

Equifax Data Breach-Related Securities Suit Dismissal Motion Denied in Part, Granted in Part

During 2017 and 2018, plaintiffs’ lawyers filed a number of securities class action lawsuits against companies that had experienced data breaches. Among the highest profile of these cases was the securities lawsuit filed in 2017 against the credit rating firm, Equifax, which in September 2017 announced that hackers had breached its consumer database and accessed … Continue Reading

Yahoo Data Breach-Related Derivative Suit Settled for $29 Million

In recent years, plaintiffs’ lawyers have filed a number of management liability lawsuits against the executives of companies that have experienced high-profile data breaches. These lawsuits have either been filed as shareholder derivative lawsuits or securities class action lawsuits. By and large, the cases filed as shareholder derivative lawsuits have been unsuccessful. However, in a … Continue Reading

Dismissal Motion Granted in PayPal Data Breach-Related Securities Suit

As I have noted in several recent posts, plaintiffs’ lawyers seem to have a renewed interest in trying to pursue securities class action lawsuits against companies that have experienced a data breach. Just to cite one recent example, as discussed here, within a day of Marriott’s recent high-profile announcement of a data breach involving its … Continue Reading

Cybersecurity Disclosure Practices and Standards

In February 2018, the SEC updated its cybersecurity disclosure guidelines for reporting companies, emphasizing the importance to investors and markets for prompt and robust disclosure relating to cyber issues. Indeed, in April, the agency brought its first enforcement action relating to cybersecurity enforcement issues. In its recent annual report, the agency’s enforcement division emphasized that … Continue Reading

Will Yahoo’s Data Breach Reporting Become the Test Case for the SEC’s Cyber Disclosure Guidelines?

Ever since the SEC released its cyber security disclosure guidelines in October 2011, commentators (including me) have been speculating whether the agency might try to nab a company whose disclosure practices the agency might use as sort of a test case on the guidelines’ requirements.  It now appears, at least based on media reports, the … Continue Reading

Thinking About the Chinese Military Officials’ Hacking Indictment and Data Breach Disclosure Issues

Cybersecurity has been a hot button issue for quite a while, but the U.S. Department of Justice ratcheted things up last week when it announced the indictment of five Chinese military officers for hacking into U.S. companies’ computers to steal trade secrets and other sensitive business information. U.S. prosecutors clearly believe the intrusions were serious … Continue Reading
LexBlog