Illinois Governor Bruce Rauner recently issued an amendatory veto of Senate Bill 1833 (SB 1833), the proposed amendment to Illinois’ Personal Information Protection Act. As previously discussed in this blog, SB 1833 seeks to strengthen Illinois’ data breach notification law by expanding the types of information that trigger breach notifications, and by placing additional requirements […]
Seventh Circuit Finds That Customers Have Standing to Pursue Claims in Neiman Marcus Data Breach Action
The United States Court of Appeals for the Seventh Circuit reversed the district court and found that plaintiffs, customers of Neiman Marcus, have standing to pursue claims resulting from a 2013 data breach of Neiman Marcus’ computer system. Remijas v. Neiman Marcus Group, No. 14-3122 (7th Cir. 2015). As discussed previously in this blog, Article […]
FCC Settles Data Security Action
The FCC entered into a $3.5 million settlement with TerraCom, Inc. (TerraCom) and YourTel America (YourTel). The settlement reduces the initial $10 million fine, and concludes the investigation into whether the companies failed to properly protect the confidentiality of personal information they received from more than 300,000 consumers. The Enforcement Bureau of the FCC initiated […]
FTC Releases Data Security Guide for Businesses
Following a data breach, a company may find itself the subject of regulatory proceedings, which can include fines, brought by the Federal Trade Commission (FTC). In the past 15 years, the FTC has brought more than fifty law enforcement actions related to data security. Using lessons learned from these enforcement actions, the FTC compiled and […]
District Courts Reach Opposite Conclusions on the Issue of Standing in Data Breach Cases
Whether plaintiffs have standing to pursue their claims has been the determinative issue in much of the data breach litigation to this date. In two recent cases, the United States District Court for the District of Nevada and the United States District Court for the Central District of California reached different conclusions on the question […]
District Court Finds No Duty to Defend Under Cyber Liability Policy
A judge in the United States District Court for the District of Utah denied Defendants’, Federal Recovery Services and Federal Recovery Acceptance, Inc. (collectively “Defendants”), Motion for Partial Summary Judgment seeking a determination that Plaintiff, Travelers Property Casualty Company of America (Travelers), owed a duty to defend under a cyber liability policy.
Study Finds Cost of Data Breach Reaches New Record High
The Ponemon Institute released its 2015 Cost of Data Breach Study, finding that the cost of a data breach reached a new record high in the United States during the past year. This is the 10th annual Cost of Data Breach Study conducted by the Ponemon Institute.
Insurer Denies Cyber Insurance Claim Following Data Breach
On May 7, 2015, Columbia Casualty Company (Columbia) filed a declaratory judgment action in the United States District Court for the Central District of California seeking a declaration that it is not obligated to provide defense or indemnification for its insured, Cottage Health System (Cottage), under a cyber liability policy.
Illinois Legislature Debates Stronger Data Breach Notification Law
Proposed legislation currently under consideration by the Illinois General Assembly would amend Illinois’ Personal Information Protection Act (PIPA) by expanding the law’s definition of personal information and by requiring new disclosure and security requirements on data collectors. Senate Bill 1833 passed the Illinois State Senate on April 21, 2015 by a 35-13 vote. On May […]
DEBT COLLECTION: Do you really owe the money?
Verify your debt before paying any collection agency: There are many scam artists trying to collect non existent debts. They phone, they text, they email, and they use regular mail. Before you send money to a collection agency there a few simple steps you should take to obtain additional information about the debt to ensure […]