Alston & Bird recently issued an Advisory, co-authored by Jim Harvey and Karen Sanzaro, on the complexities of managing a data breach that implicates strategic third party vendor relationships. Cybercrime and data security incidents are on the rise. Security breaches and the ensuing investigation and remediation process can be costly and complex. The process is […]
Data Breach
FTC and Wyndham Settle Data Security Allegations
On December 9, 2015, the Federal Trade Commission announced that Wyndham Worldwide Corp., Wyndham Hotel Group LLC, Wyndham Hotels and Resorts, LLC, and Wyndham Hotel Management, Inc. (“Wyndham”) had agreed to settle FTC charges that the company’s security practices unfairly exposed the payment card information of consumers to hackers in three separate data breaches between […]
FTC’s Ability to Regulate Data Security Potentially Limited in FTC v. LabMD
A November 13, 2015 decision from the Federal Trade Commission’s Chief Administrative Law Judge, D. Michael Chappell, calls into question FTC enforcement in the data privacy space. The case began when the FTC filed a complaint on August 28, 2013 after an employee of LabMD, a cancer detection laboratory, downloaded peer-to-peer (“P2P”) software that exposed patient […]
Alston & Bird Partners Speak at NAWL General Counsel Institute
Kim Peretti, partner and co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team, and Allison Ryan, partner, were speakers in the session “The Role of In-House Counsel in Cybersecurity in Both the Pre- and Post-Breach Worlds” at the 11th Annual General Counsel Institute. The Institute took place November 5-6 in New York and was hosted by the National […]
FFIEC Warns of Increase in Cyber Attacks Involving Extortion, Encourages Financial Institutions to Develop Response Programs
Last week, the Federal Financial Institutions Examination Council (FFIEC) issued a joint statement warning of an “increasing frequency and severity of cyber attacks involving extortion.” The statement warned that criminals have been extorting financial institutions using a variety of tactics, including denial of service attacks, theft of sensitive information, and use of “ransomware,” which is […]