Health insurance giant Anthem, Inc. agreed to the largest data breach settlement to-date last week, ending multi-district consumer litigation over a 2015 data breach for $115 million. The data breach, which resulted from a hacker-orchestrated cyberattack following the theft of an employee password, exposed personally identifiable information (“PII”) and protected health information (“PHI”) of nearly […]
Crisis & Data Breach Response
Northern District of Illinois Dismisses Barnes & Noble Data Breach Lawsuit
Earlier this month, the United States District Court for the Northern District of Illinois entered an order dismissing with prejudice a putative class action concerning a security breach affecting PIN pad devices at numerous Barnes & Noble locations. The lawsuit, In re Barnes & Noble Pin Pad Litigation, No. 12-cv-8617 (N.D. Ill.), was brought by […]
Court Holds Forensic Investigator’s Report is Protected from Disclosure
Third-party forensic investigations performed at the direction of counsel are part-and-parcel of virtually every data breach. There has been little case law, however, directly addressing the extent to which the attorney-client privilege and/or work product doctrine protects those forensic investigations from disclosure. Last week, the Central District of California held that, under the specific facts […]
May 30 is Fast Approaching – Are You Ready for Compliance with the Amended Act on Protection of Personal Information in Japan?
Japan’s Act on Protection of Personal Information currently in force (“Current APPI”) dates back to 2003. It was originally enacted on May 30, 2003, and came into effect in 2005. Ten years later, the National Diet passed extensive reforms to modernize the Current APPI in September, 2015. Although the Amended Act on Protection of Personal […]
New Mexico Data Breach Legislation Passes
New Mexico recently became the 48th state to pass some form of data breach notification legislation, leaving Alabama and South Dakota as the lone holdouts. The Data Breach Notification Act was signed by New Mexico Governor Susana Martinez on April 6, 2017. The law applies to persons that own or license personal identifying information of […]