Perspectives on Breach Preparedness & Response
30 total results. Page 1 of 2.
Sarah L. Bruno was named to the Daily Journal's inaugural list of the "Top Cyber/Artificial Intelligence Lawyers" in California.
The Northern District of Illinois Finally Puts an End to the In Re Barnes and Noble Pin Pad Litigation
Since 2012, Barnes & Noble has been fighting claims arising from a data breach that affected its credit card pin pad machines. Now, the Barnes & Noble “Pin Pad” litigation is finally over.
The Fourth Circuit Holds That The Mere Threat of Future Harm Is Insufficient to Confer Standing On Victims of a Data Breach
A recent decision from the Fourth Circuit Court of Appeals in Beck v. McDonald, 848 F.3d 262 (4th Cir. 2017), adds to the list of circuit courts of appeal that have held that that the mere threat of future harm resulting from a data breach, without more, is insufficient to satisfy the injury-in-fact
This is HHS’ first enforcement action against a covered entity that reported a breach, but did not do so timely.
Cybersecurity and data intrustions have dominated business headlines this year, ranging from the rise of ransomware to international hacking of US political parties.
The Supreme Court case involving Spokeo and Thomas Robins, a consumer whose information was included in the search engine's reports, highlights the limitations to a consumer's ability to enforce their rights under the Fair Credit Reporting Act (FCRA).
Ransomware is old news – it has been around at least since 1989 – but it has only now started to attract widespread attention.
On Monday, July 11, 2016, the Office for Civil Rights (OCR) released a fact sheet with guidance for covered entities and business associates on HIPAA and ransomware.
P.F. Chang’s Cyber Insurance Decision: Pay Attention to the Provisions of the Cyber Risk Policy That You Are Buying
Data breaches continue to complicate the interpretation and understanding of commercial insurance policies. But even as courts confront thorny questions presented by cyber security policies, they continue to rely on long-standing principles of insurance and contract law.
Who’s Driving? (Not You.) Autonomous Vehicles Lead to Interesting Privacy and Data Security Questions
From automated cars, syncing software, to wearable devices that interact with a vehicle, it is clear that our time in the car is under an era of rapid change.
The concept of standing – that a plaintiff must have suffered a concrete injury in order to bring a lawsuit – is a bedrock legal principle. But, like so many other fundamental legal concepts, the rise and importance of the internet and digital commerce has consistently complicated its application.
The California Office of the Attorney General (OAG) recently released a report detailing a comprehensive analysis of the data breaches reported to the OAG between 2012 and 2015.
Data breach notifications may be more common in Tennessee. Notably, the Governor recently signed into law a bill updating the current breach notification requirements by (a) requiring notice even where data is encrypted, (b) requiring notice within 45 days of discovery of the breach (barring a law e
In the wake of the recent ransomware attack on Hollywood Presbyterian Medical Center, news reports have emerged that at least three more medical centers and a large health care system have been the victims of these attacks.
Ransomware Attack on California Hospital Puts Providers on Alert for New Threats to Health Information
Cybersecurity may have rocketed to the top of management’s priority list in the wake of the recent cyberattack on Hollywood Presbyterian Medical Center (HPMC) that left the hospital unable to access some of its computer systems for ten days.
These action items will not only put you in a better position when a breach arises, but you will have the right answers when a regulator calls.
New York insurer Excellus BlueCross BlueShield became the most recent health care company to announce it was the victim of a sophisticated cyberattack after hackers gained access to the Social Security numbers, mailing addresses, and financial information of as many as 10 million customers.
There is a split among circuit courts over whether a company faced with a privacy breach is subject to liability where a consumer suffers no discernible harm.
Federal Judge Approves Target’s $10 Million Settlement for Consumer Class Action Lawsuit over 2013 Data Breach
On March 19, 2015, a Minnesota federal judge granted preliminary approval of Target Corporation’s (Target) proposed $10 million settlement of a class action lawsuit, which arose out of a 2013 data breach that compromised personal information of roughly 110 million of Target’s customers.
In October 2014, California Attorney General Kamala Harris released the California Data Breach Report, the state’s most recent analysis of data security threats facing businesses and consumers.