In a reminder that open source products can carry significant risks beyond intellectual property, a vulnerability in a compression tool commonly used by developers has triggered widespread concerns....more
The FTC recently reported that over $650 mm worth of cryptocurrency was stolen by hackers last year. Thus far, over $320 mm in cryptocurrency has been stolen by hackers this year. Not surprisingly, this surge in crypto...more
The Administrative Office of the U.S. Courts (the “AO”) recently disclosed that it has initiated an investigation into an apparent compromise in security of the Judiciary’s Case Management/Electronic Case Files System...more
Assaults on Section 230 of the Communications Decency Act (the “CDA”)—which shields online platforms from civil liability for third party content on their services—are abundant these days. On October 15, 2020, FCC Chairman...more
1. Overview of the regulatory issues facing companies—and cyber insurers—that may need to respond to ransomware emanating from a threat actor or group with potential ties to entities on federal lists.-
The U.S. Treasury...more
As people across the country and world try to figure out how to protect themselves against the spread of coronavirus, hackers are working hard to spread their own viruses....more
Delaware (July 31, 2019) and New Hampshire (August 2, 2019) have become the latest states to add to the insurance cybersecurity landscape by enacting information security laws. These laws come on the heels of Connecticut’s...more
8/9/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Hackers ,
Incident Response Plans ,
Information Security ,
Information Technology ,
Insurance Industry ,
NAIC ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
The Arizona Legislature has significantly expanded and strengthened the state's data breach notification law. The legislation was signed by Arizona Governor Doug Ducey on April 11, 2018....more
4/18/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
New Legislation ,
Notice Requirements ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
State and Local Government ,
State Data Breach Notification Statutes
Given the nearly daily reports of data breaches, ransomware attacks and phishing exploits affecting entities of all sizes, Arizona entities should be aware that Arizona law may require them to provide notice to employees,...more
3/22/2018
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Hackers ,
New Legislation ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
State and Local Government ,
State Data Breach Notification Statutes
Any entity that does business in these states or maintains confidential information of their residents should monitor the proposed data breach legislation discussed below: Oregon, New York, Alabama, and Rhode Island....more
3/5/2018
/ Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Equifax ,
Hackers ,
Legislative Agendas ,
Personally Identifiable Information ,
Popular ,
Preemption ,
Proposed Legislation ,
State and Local Government ,
State Data Breach Notification Statutes
The Arizona State Legislature is considering proposed legislation that, if enacted, would significantly change the requirements for how Arizona entities respond to data breaches....more
The State of Washington's Attorney General filed a complaint against Uber Technologies, Inc., (Uber) this week related to the 2016 hack that exposed the personal data of 57 million riders and drivers. The suit is the first...more
In the span of just nine days, the U.S. Court of Appeals for the Eighth Circuit issued two rulings in class actions involving data breaches—one breach in 2013 at brokerage firm Scottrade and another in 2014 at grocery stores...more
9/5/2017
/ Article III ,
Breach of Contract ,
Brokerage Accounts ,
Class Action ,
Corporate Counsel ,
Cyber Attacks ,
Data Breach ,
Federal Rule 12(b)(6) ,
Grocery Stores ,
Hackers ,
Injury-in-Fact ,
Personally Identifiable Information ,
Popular ,
Scottrade ,
Standing
The U.S. Securities and Exchange Commission's Office of Compliance Inspections and Examinations (OCIE) has issued a Risk Alert in the wake of the widespread WannaCry ransomware attack that has inflicted hundreds of thousands...more
5/19/2017
/ Broker-Dealer ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Investment Management ,
Malware ,
OCIE ,
Phishing Scams ,
Ransomware ,
Risk Alert ,
Risk Management ,
Securities and Exchange Commission (SEC)
The Eighth Circuit Court of Appeals has remanded a $10 million settlement in the Target data breach class action on the grounds that the district court had not rigorously analyzed the propriety of the class...more
2/3/2017
/ Appeals ,
Class Action ,
Class Certification ,
Credit Cards ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Debit Cards ,
Hackers ,
Identity Theft ,
Personally Identifiable Information ,
Point of Sale Terminals ,
Popular ,
Settlement ,
Target
The latest development in how American courts will handle the standing question for data breach class actions came last week when the U.S. District Court for the District of Columbia dismissed for lack of standing a putative...more
8/17/2016
/ Article III ,
Blue Cross ,
Blue Shield ,
CareFirst ,
Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Insurance ,
Healthcare ,
Identity Theft ,
Injury-in-Fact ,
Personally Identifiable Information ,
Putative Class Actions ,
Standing