Orrick, Herrington & Sutcliffe LLP write: On June 30, the U.S. Court of Appeals for the First Circuit overruled a district court’s dismissal of a putative class action against a home delivery pharmacy service for allegedly failing to prevent a 2021 data breach that exposed the personally identifiable information (PII) of over 75,000 patients. The class…
Category: Legislation
SEC to Consider Cyber Rules Next Week
Micaela McMurrough, Ashden Fein, David H. Engvall, Caleb Skeath, Kerry Burke, and Shayan Karbassi of Covington and Burling write: According to a recently-released meeting agenda, the Securities and Exchange Commission’s (“SEC”) upcoming July 26, 2023 meeting will include consideration of adopting rules to enhance disclosures regarding cybersecurity risk management, governance, and incidents by publicly traded companies….
Webinar – The New Breed of State Health Privacy Laws
There are so many webinars each week that I generally don’t sign up for many or even post links to them, but this one really caught my eye because there have been so many recent changes at the state level. The New Breed of State Health Privacy Laws Thursday, July 27, 2023 at 2 PM…
Eleventh Circuit Requests Refined Class Definition For Data Breach Class Action
Gerald L. Maatman, Jr., Alex W. Karasik, and George J. Schaller of Duane Morris write: In Steinmetz et al. v. Brinker International, Inc., No. 21-13146, 2023 U.S. App. LEXIS 17539 (11th Cir. July 11, 2023), the Eleventh Circuit vacated the district court’s order certifying a nationwide class and California-only class in a data breach case. In so…
Owner of BreachForums pleads guilty in federal court to three counts, including one involving child pornography
Update and note: After this post appeared and was posted on Mastodon, some people complained about the original headline, characterizing it as “clickbait.” That was not my intention. I was just trying to accurately describe what I saw as the most noteworthy part of the situation without mentioning either CSAM or CP in the headline…
Breach Victims Have Standing When Data Misused, 1st Circuit Says
Christopher Brown reports: A data-breach victim whose personal information was subject to actual misuse has standing to sue the entity that suffered the breach, a federal appeals court said. Plaintiff Alexsis Webb plausibly alleged an injury-in-fact sufficient to confer standing to sue Injured Workers Pharmacy Inc. based on her allegation that information stolen from the…