Cybersecurity

Inside the SK Telecom Data Breach: What Happened and What Companies Can Learn

July 15, 2025 By Hanna Hewitt and Kim Peretti

In April 2025, SK Telecom—South Korea’s largest mobile carrier—formally notified regulators of a significant data breach that compromised sensitive SIM card data belonging to nearly 27 million users. Following an investigation, the Ministry of Science and ICT and the Korea Internet & Security Agency (KISA) concluded in July 2025 that SK Telecom was negligent in […]

New York Department of Health Issues Urgent Cybersecurity Warning Following U.S. Strikes on Iranian Nuclear Facilities

July 14, 2025 By Kim Peretti, Kate Hanniford, Angela Burnette, Jennifer Pike and Andrew Rice

The New York State Department of Health has issued an urgent cybersecurity advisory (the Advisory) warning of increased threat levels and a higher likelihood of cybersecurity attacks from Iranian state-backed actors following U.S. military strikes on the Fordow, Natanz, and Isfahan nuclear facilities in Iran. The Advisory warns that “intelligence sources indicate a high likelihood […]

Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases

July 3, 2025 By Gavin Reinke, Ashley Miller and Amanda Wellen

On June 27, 2025, the District Court for the Middle District of Florida, on remand from the Eleventh Circuit, reversed course when it denied class certification to a group of plaintiffs who were purportedly impacted by a spring 2018 cyberattack on Brinker International, Inc., the parent company of the popular chain restaurant, Chili’s. The recent […]

Trump Administration Releases Cyber Executive Order Revealing Renewed Strategy for U.S. Cybersecurity

June 15, 2025 By Kim Peretti and Kristen Bartolotta

On June 6, 2025, President Trump issued an Executive Order (EO) on Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity, amending certain prior directives established by the Biden and Obama administrations. Importantly, the administration’s new directive maintains continuity of the cybersecurity goals of prior administrations and demonstrates that cybersecurity remains a bipartisan priority. However, the […]

Suite Victory: Marriott Finally Checks Out of Court

June 9, 2025 By Donald Houser, Gavin Reinke and Nicole Weeks

On June 3, 2025, the U.S. Court of Appeals for the Fourth Circuit issued a pivotal ruling in longstanding litigation against Marriott International, Inc., arising out of a 2018 data breach involving its Starwood Preferred Guest Program. In reversing the lower court’s grant of class certification, the Fourth Circuit determined that the customers’ contractual agreements […]