Class Action Lawsuit Filed Against Tempur Sealy and Aptos for Payment Card Data Breach
7/12/17
By: Agne Krutules
A putative consumer class action lawsuit arising from a large data breach was recently filed in the U.S. District Court for the Northern District of Georgia against Tempur Sealy International, Inc. and Aptos, Inc.
Tempur Sealy is …
Target Pays Largest Ever Data Breach Settlement
6/2/17
By: Amy C. Bender
Target has agreed to pay $18.5 million to settle claims by almost all 50 states – the largest multistate settlement and largest data breach settlement in history – arising from the 2013 incident where hackers accessed …
WannaCry Brings New Focus on Cyber Insurance and Privacy Impact Assessments
5/18/17
In the wake of last week’s WannaCry ransomware attack that crippled nearly 200,000 computers across 150 nations, businesses around the world must reassess how they can protect themselves from the seemingly inevitable cyber-attack. According …
WannaCry Ransomware Cyberattack Brings Tears to the Eyes of Businesses in More than 150 Countries
5/18/17
By: Robyn Flegal
As of May 18, 2017, more than 200,000 computers in 150 countries have been hit by a large-scale ransomware attack. Victims of the attack include the British National Health Service, FedEx, and Renault. By exploiting a vulnerability …
Tennessee Re-Amends its Data Breach Notification Statute
5/5/17
By: Kacie L. Manisco
As we discussed in a prior blog post last year, in March 2016, Tennessee enacted an amendment to its data breach notification law that seemingly removed the encryption safe harbor, creating uncertainty over whether such …
Failing to Examine Risks Leads to Data Breach and Hefty Settlement Payout
4/24/17
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has announced a $400,000 settlement with Metro Community Provider Network (MCPN), a Federally Qualified Health Center providing primary medical care and other health-related services …
Cyber Criminals Target FTP Servers of Healthcare Providers
4/5/17
By: Agne Krutules
The FBI has issued an alert warning medical care providers that cybercriminals are actively targeting File Transfer Protocol (“FTP”) servers of medical facilities. FTP is a common protocol used to transfer data between network hosts. The alert …
Late, But Not Last, New Mexico Legislature Passes Data Breach Notification Law
3/31/17
On March 15, 2017, New Mexico’s Senate passed H.B. 15, the Data Breach Notification Act, making New Mexico the 48th state to pass a data breach notification law. The law, if signed by the …
Internet of Things Device Manufacturer Settles Class Action Lawsuit
3/20/17
By: Matthew N. Foree
Recently, the United States District Court for the Northern District of Illinois preliminarily approved a class action settlement involving the manufacturer of an Internet of Things (“IoT”) device. In this case, two plaintiffs, whose names were …
MLB Approves Wearable Biometric Monitor During Games – What Are The Risks?
3/16/17
By: Amy C. Bender
Major League Baseball has announced it will allow players to wear a WHOOP Strap during games beginning in the 2017 season. The device gathers and analyzes levels of strain, sleep, and recovery by measuring factors such …
The FCC Stays Data Security Rules for Internet Service Providers
3/8/17
By: Robyn M. Flegal
The Federal Communications Commission (FCC) voted on Wednesday, March 1, 2017, to temporarily stay a portion of the data security rules passed in October of 2016. The portion of the rules stayed by the FCC would …
U.S. Department of Homeland Security Issues Strategic Principles for Securing the Internet of Things
3/7/17
By: Matthew N. Foree
As we have reported previously, the growth of network connected devices (“Internet of Things”) has created increasing concerns about the security risks of those devices. Recently, the U.S. Department of Homeland Security (“DHS”) issued non-binding …