data breach

Subscribe to data breach via RSS

A trial court in the Seventh Circuit recently dismissed a data breach class action case against Barnes & Noble (B&N) due to the plaintiffs’ failure to allege actual or imminent injuries.1 This is one of the first data breach cases following the U.S. Supreme Court’s recent decision about pleading actual damages in Clapper v. Amnesty Int’l USA.2 The trial court relied on Clapper to dismiss the case rather than follow Seventh Circuit precedent, which may have allowed the case to continue. Clapper appears to provide defendants with a strong defense in data breach cases.
Continue Reading Barnes & Noble Dodges Suit over PIN Pad Data Breach

California, which enacted the pioneering security breach notification law in 2002, again has taken the lead in security breach notification legislation. In an effort to protect consumers against unauthorized access to their online accounts, California has extended its security breach notification law to cover individuals’ online account credentials (i.e., a user name or email address, in combination with a password or security question and answer, that would permit access to an online account) in amendments that will take effect on January 1, 2014.1 This article discusses California’s existing security breach notification obligations, as well as the changes provided for in these amendments.
Continue Reading California Extends Security Breach Notification Requirements to Online Account Credentials