U.S. District Judge Lucy Koh said Thursday that both sides in multidistrict litigation over Yahoo’s 2013 data breach should prepare to discuss how the case will be affected by news the hack, previously thought to have impacted about 1 billion accounts, actually reached all 3 billion of its users.
The U.S. Securities and Exchange Commission pays too much for IT work and other contracts, keeps its employees siloed, faces ongoing security vulnerabilities and needs more money, its inspector general said in a Thursday report about the agency’s biggest management struggles.
Transamerica Financial Advisors Inc. was hit Thursday with a putative class action in Florida federal court that accuses the financial services firm of sending unsolicited faxes, in violation of the Telephone Consumer Protection Act.
The creator of a Texas oil and gas industry professional networking website who sold the company for $51 million, then hacked in to steal information while launching a competitor, was sentenced to a year and a day in prison by a Manhattan federal judge on Friday.
A California policyholder’s proposed class action against Aetna Inc. landed in Pennsylvania federal court Thursday, where it joined the first action to be filed over the exposure of confidential HIV-related information through a window on envelopes mailed to roughly 12,000 individuals.
The full Ninth Circuit on Thursday refused to reconsider a split panel decision upholding a contested $8.5 million class action settlement in a privacy dispute against Google Inc., prompting the objectors to vow to take the challenge to the U.S. Supreme Court.
A California judge expressed skepticism Friday about TransUnion’s bid for a new trial or reduced damages following its $60 million loss in a Fair Credit Reporting Act class action, saying that “to this day, TransUnion doesn’t really understand” the harm caused by credit reports that confused consumers with names on a terrorist watch list.
A technology company has agreed to a $264,000 penalty after an issue with its cloud-based IT support system led to the names and Social Security numbers of 660 users of Vermont’s health insurance exchange showing up online, according to the state attorney general.
VTech Electronics told an Illinois federal judge Thursday that a narrowed suit over the hack of an online portal for its digital learning toys that comprised the data of 11 million adults and children still rests on a flawed foundation.
A former Winston & Strawn LLP partner with cybersecurity and data breach experience, including federal and state regulatory compliance, internal breach investigations and breach response planning, has joined Sheppard Mullin Richter & Hampton LLP as a partner in New York.
House lawmakers on Thursday sharply questioned the former chairman and chief executive of Equifax Inc. over a massive data breach that left more than 145 million Americans' personal information exposed, raising questions about why he had appeared to testify as opposed to current executives.
Electronic Arts Inc. urged a California federal judge Wednesday to reject a bid by retired NFL players to revive a state publicity claim in their putative class action alleging the game maker improperly used their likenesses in Madden video games, arguing the players haven’t presented any new arguments.
Pennsylvania federal prosecutors Thursday filed an indictment charging a Philadelphia man with using PayPal to embezzle $1.6 million from his former employer, a New Jersey company that sells products for the cellular phone industry.
The Consumer Financial Protection Bureau’s internal watchdog has concluded that the agency needs to improve its handling of consumers’ personal data and confidential investigation information, noting in a report that the regulator’s lacking data protection practices could put sensitive details at risk.
The U.S. Judicial Panel on Multidistrict Litigation rejected efforts by technology company Blue Spike LLC to centralize in Texas nine patent lawsuits, saying Wednesday it wasn’t persuaded there was enough commonality in the cases to make centralization beneficial or necessary.
LinkedIn Corp. asked the Ninth Circuit on Tuesday to nix a lower court’s preliminary injunction allowing a startup to scrape information from the networking site's public profiles, arguing antitrust laws don’t require it to give another company a “free ride” on its work, and that doing so would violate the Computer Fraud and Abuse Act.
Columbia University’s Knight First Amendment Institute filed suit in New York federal court Wednesday against various federal agencies seeking documents relating to the “extreme vetting” of non-citizens, saying the government’s failure to produce the records violates the Freedom of Information Act.
Congresswoman Suzan DelBene, D-Wash., sent a letter to IRS Commissioner John Koskinen on Wednesday demanding answers as to why the agency awarded a no-bid contract for taxpayer and personal identity verification services to Equifax, the credit-reporting agency that suffered a massive security breach exposing the personal information of nearly half of all Americans.
Deputy Attorney General Rod Rosenstein told an audience of tech executives gathered in Boston on Wednesday that the U.S. Department of Justice is poised to help them root out abuse and criminal activity, despite its concerns about their increasing use of encryption.
The Boston Bar Association on Wednesday made six criminal justice recommendations for the commonwealth of Massachusetts, including repealing mandatory minimums, changing the cash bail system so people don’t have to wait in jail, and reforming the criminal records law that holds people back from getting jobs.
The Consumer Financial Protection Bureau’s arbitration rule restores transparency and accountability to our justice system and allows people to exercise their Seventh Amendment rights. However, the House of Representatives has voted to block it and the rule is in jeopardy, says Jean Sternlight, director of the Saltman Center for Conflict Resolution at the UNLV Boyd School of Law.
Digital health is now an accepted part of the health care delivery system and has been widely adopted by both health providers and consumers. However, technology is evolving quickly and counsel for businesses entering this market in Massachusetts must keep up with a complex legal and regulatory landscape, says Ellen Janos of Mintz Levin Cohn Ferris Glovsky and Popeo PC.
Payment collection delays have caused law firms to seek new options, one of which is litigation finance. In this context, litigation finance can offer alternative avenues to firms as they approach the end of a fiscal year or partnership distribution dates, says Travis Lenkner of Burford Capital LLC.
Imagine going to a restaurant and ordering your steak medium-rare. The steak arrives burned. You expect the kitchen to bring you another one properly done, right? And you don’t expect to pay for two steaks, do you? Paying a vendor for document review should be no different, says Lisa Prowse, an attorney and vice president at e-discovery firm BIA Inc.
The cause of British Airways' estimated £80 million information technology failure in May 2017 was human error, but human error outsourced. These kinds of disasters bring into sharp relief the exposures that may trip up even the most well-intentioned outsourcing arrangements, say James Meadows and Heather Clauson Haughian of Culhane Meadows PLLC.
Unfortunately, heightened awareness of third-party cyberrisk and the urgency of identifying third-party activity has not fully extended to the consumer-facing digital assets — websites, mobile applications, social media — that form the backbone of modern business-to-consumer communications, says Chris Olson, CEO of The Media Trust.
Brick-and-mortar retailers and other property-level businesses have increasingly taken advantage of technology in learning about consumer behavior. But security breaches of consumer information have led to government investigations and multimillion-dollar settlements. Businesses should incorporate privacy principles at every stage of the development of data tracking and collection programs, say attorneys with King & Spalding LLP.
Following the radical changes brought by advances in internet of things technology, the health care industry must take both immediate micro steps and larger macro steps to protect its patients from cyberrisks, say John Gilligan and Kimberly Metzger of Ice Miller LLP.
Insider trading allegations have surfaced at Equifax, where three executives sold nearly $2 million in shares of the company’s stock days after the cyberattack was discovered but before the news was announced. The situation raises a number of fundamental questions about Equifax’s insider trading policy, say Gary Tygesson and Cam Hoang of Dorsey & Whitney LLP.
The slow pace of cyber acquisitions constitutes a significant vulnerability. Congress has relieved some of the U.S. Department of Defense's regulatory burden in the past two years, but the streamlining efforts do not go nearly far enough to deter our enemies, says Daniel Schoeni, a judge advocate with the U.S. Air Force.