The September 2015 data breach at Experian exposed the personal information of nearly 15 million wireless carrier customers, and we are just now learning the cost.
A recent earnings report
Continue Reading The Staggering Scope of a Cybersecurity Breach
A recent District of Nevada ruling could cause issues for consumers in data breach class action cases moving forward. On June 1, 2015, the court ruled that a consumer class action against Zappos.com Inc. could not proceed because the class did not state “instances of actual identity theft or fraud.” The suit was brought as a result of a 2012 data breach where Zappos’ customers’ personal information was stolen, including names, passwords, addresses, and phone numbers. Even though the information was stolen, the court dismissed the case because the class could not prove that they had been materially harmed and had no other standing under Article III.
Continue Reading Further Thoughts on Data Breaches and Article III Standing
With 2013 being dubbed as the “Year of the Mega Breach” it comes as no surprise that the Federal Trade Commission (“FTC”), on June 30, 2015 published “Start with Security: A Guide for Businesses” to educate and inform businesses on protecting their data.
Continue Reading Their Experience, Your New Business Guide: How Settling Over Fifty Data Security Cases has Given Rise to Key Lessons from the FTC for Businesses
This blog post is the sixth and final entry of a six-part series discussing the best practices relating to cyber security. The previous post discussed the individuals and organizations that should be notified once a cyberattack occurs. This post will focus on what a business should not do after a cyberattack. Key points include (1) not using the network, (2) not sharing information with unconfirmed parties, and (3) not attempting to retaliate against a different network.
Continue Reading The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 6 of 6)
This blog post is the fifth entry of a six series discussing the best practices relating to cyber security. The previous post discussed the important steps that a business should take to preserve evidence and information once a cyberattack has been identified. This post will discuss the individuals and organizations that should be notified once a cyberattack occurs. The four most important groups to contact are (1) individuals within the business, (2) law enforcement officials, (3) The Department of Homeland Security, and (4) other possible victims.
Continue Reading The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 5 of 6)
This blog post is the fourth entry of a seven-part series discussing the best practices relating to cyber security. The previous post discussed the initial steps that a business should take once a cyberattack has been identified. This post will discuss further steps that a business should take after an attack.
Continue Reading The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 4 of 6)
This blog post is the third installment of a seven-part series discussing the best practices relating to cyber security. The first two blog posts discussed the best practices for preparing a business in case of a cyberattack. This post will discuss the initial steps that a business should take after a cyberattack occurs.
Continue Reading The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 3 of 6)
On July 20, 2015, in Remijas v. Neiman Marcus Group, LLC, No. 14-3122 (7th Cir. 2015), the Seventh Circuit held that the United States District Court for the Northern
Continue Reading The Seventh Circuit Sides with Plaintiffs in Data Breach Litigation
This is the second installment in a seven-part discussion on the best practices to prevent a cyberattack. The first part discussed four critical steps to prepare a business in the case of a cyberattack. These included: (1) identifying the crucial assets and functions a business, (2) creating an Response Plan, (3) installing the appropriate technology, and (4) obtaining authority for network monitoring. This article builds on those steps by suggesting further best practices in order to prevent a cyberattack.
Continue Reading The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 2 of 6)
Cyber-attacks can impact any business regardless of size, sector, or level of cyber security. The best way to minimize damages from a cyber-attack is to plan ahead and prepare for a possible attack. Forward thinking can minimize damages and shorten the process of recovery from a cyber-attack. The following suggestions are important steps that every business should take to prepare for a cyber-attack.
Continue Reading The Anatomy of a Cyber Attack: Prevention, Response and Postmortem (Part 1 of 6)