On October 22, Alston & Bird’s Kim Peretti, Security Incident Management & Response Team co-chair, spoke at the 2013 Fraud Summit in a session titled “Post-Fraud Investigation: Effective, Efficient, Defensible.” Her presentation focused on how organizations must ensure they are prepared to respond effectively, efficiently and defensibly when they detect fraudulent activity. Following the conference, […]
Data Breach
Update: California Governor Brown Signs into Law S.B. 46, New Notification Requirements for Data Security Breaches
On September 27, 2013, California Governor Brown signed into law S.B. 46, amending California’s data security breach notification law California Civil Code Section 1798.82. The new law builds upon existing requirements for prompt consumer notification whenever individuals have had their passwords, usernames or security question and answers compromised. It expands the definition of personal information […]
California S.B. 46 Expands Data Breach Notification Law to Include Breaches of User Names and Email Addresses for Online Accounts
California Governor Brown is preparing to sign into law a new data security breach notification bill (S.B. 46) that expands the coverage of California’s existing breach law to include breaches of individuals’ online user names and email addresses, when acquired in combination with passwords or a security question and answer that would permit access to […]
Fifth Circuit Revives Banks’ Heartland Data Breach Claims
In Lone Star Nat’l Bank, N.A., et al. v. Heartland Payment Sys., Inc., No. 12-20648 (5th Cir. Sept. 3, 2013) (hereinafter “Heartland”), arising from the now-infamous 2008 data breach, the Fifth Circuit recently reversed a motion to dismiss, finding that the economic loss doctrine did not apply and that various credit card issuers could state […]
Illinois District Court Dismisses Data Breach Claims for Lack of Standing
In In re Barnes & Noble Pin Pad Litigation, No. 1:12-cv-08617 (N.D. Ill. Sept. 3, 2013), the United States District Court for the Northern District of Illinois dismissed a putative class action against defendant retailer Barnes & Noble because the named plaintiffs could not establish injury in fact stemming from the alleged security breach, and […]