Scott Weinstein of McDermott Will & Emery writes: In the wake of recent breaches of personally identifiable information (PII) suffered by health insurance companies located in their states, the New Jersey Legislature passed, and the Connecticut General Assembly will consider legislation that requires health insurance companies offering health benefits within these states to encrypt certain types of PII, including social…
Category: Of Note
Wyndham: Third Circuit Requests Briefing on Whether FTC Declared Unreasonable Cybersecurity Practices Are ‘Unfair’
Katherine Gasztonyi writes: On February 20, the Third Circuit sent a letter to counsel in FTC v. Wyndham Worldwide Corp., identifying at least one topic that will be addressed in the upcoming oral argument regarding the parties’ dispute over whether the FTC has the authority to regulate companies’ data security practices: whether unreasonable cybersecurity practices…
Does Clapper Silence Data Breach Litigation? A Two-Year Retrospective
Andrew Hoffman writes: This February 26, 2015, marks the two-year anniversary of the U.S. Supreme Court’s decision in Clapper v. Amnesty International USA,[1] which required plaintiffs to allege that a threatened injury is “certainly impending” in order to constitute an injury-in-fact sufficient to convey Article III standing. In this time, federal district courts in at least twelve data…
Target Says Credit Card Data Breach Cost It $162M In 2013-14
Ingrid Lunden reports: When it comes to data breaches, retailers are one of the biggest targets these days, and today we have some detail on the costs around one of the more high-profile attacks. Target today said that it has booked $162 million in expenses across 2013 and 2014 related to its data breach, in which hackers…
National Center for Charitable Statistics Discovers Unauthorized Access to Form 990 and e-Postcard Filing Systems for Nonprofit Organizations
The Urban Institute’s National Center for Charitable Statistics (NCCS) recently discovered that an unauthorized party or parties gained access to the Form 990 Online and e-Postcard filing systems for nonprofit organizations. The intruder or intruders retrieved email addresses, usernames, passwords, first and last names, IP addresses, phone numbers, and addresses and names of nonprofits. This…
Legal liabilities in recent data breach extend far beyond Anthem
Joseph Conn reports: The potential legal liabilities from the unprecedented breach of some 80 million individuals’ records at Indianapolis-based insurance giant Anthem could entangle nearly 60 health insurance plans from Hawaii to Puerto Rico, legal experts say. More than 50 class-action lawsuits related to the breach already have been filed in less than a month. The plans could find…