In Lone Star Nat’l Bank, N.A., et al. v. Heartland Payment Sys., Inc., No. 12-20648 (5th Cir. Sept. 3, 2013) (hereinafter “Heartland”), arising from the now-infamous 2008 data breach, the Fifth Circuit recently reversed a motion to dismiss, finding that the economic loss doctrine did not apply and that various credit card issuers could state […]
Data Breach
Illinois District Court Dismisses Data Breach Claims for Lack of Standing
In In re Barnes & Noble Pin Pad Litigation, No. 1:12-cv-08617 (N.D. Ill. Sept. 3, 2013), the United States District Court for the Northern District of Illinois dismissed a putative class action against defendant retailer Barnes & Noble because the named plaintiffs could not establish injury in fact stemming from the alleged security breach, and […]
New European Data Breach Rules for Telcos and ISPs
On August 25, 2013, a new European Regulation came into effect that changed and expanded upon the breach notification procedures set forth in the E-Privacy Directive (2002/58/EC). The Regulation outlines two independent notification obligations: (1) notification to the relevant national authority within 24 hours after detection of a personal breach where feasible; and (2) notification […]