News Alerts and Breach Report for Week of June 13, 2022

Cybersecurity Named Top Driver of Legal Disputes The  2021 Annual Litigation Trends Survey from Norton Rose Fulbright, which surveyed 250 U.S. General counsel and litigation leaders, has identified technological progression and its inherent cybersecurity risks as a primary threat vector…

Read More

News Alerts and Breach Report for June 6, 2022

CISA Adds 21 Vulnerabilities to Catalog Last week, The Cybersecurity and Infrastructure Agency (CISA) alerted federal agencies to 75 new additions to its new Known Exploited Vulnerabilities Catalog. Affected software includes products from Cisco, Microsoft, Adobe and Oracle. A significant…

Read More

News Alerts and Breach Report for May 26, 2022

NAAG Launches Cybersecurity Resource Center Last week the National Association of Attorneys General (NAAG) announced a new initiative focused on cybersecurity. The NAAG Center on Cyber and Technology (CyTech) joins other NAAG centers focused on key public interests, and will…

Read More

News and Alerts for April 19, 2022

Virginia Passes Amendments to VCDPA Governor Glenn Young of Virginia last week approved three amendments to the Virginia Consumer Data Protection Act (VCDPA). The first amendment, H 381, creates an exemption to consumers’ right to delete, and will allow data…

Read More

Saudi Arabia’s Data Protection Law: The Personal Data Protection Law

On March 10, the Kingdom of Saudi Arabia’s Saudi Data & Artificial Intelligence Authority (SDAIA) issued a draft version of executive regulations supplementing the nation’s first standalone comprehensive data protection law, The Personal Data Protection Law (PDPL). PDPL was implemented…

Read More
SolarWinds

Shareholders Seek to Hold Current and Former SolarWinds Officials Liable for Massive 2020 Security Breach

Investors filed a derivative suit claiming that the company knew about, and failed to mitigate known, existing cybersecurity risks and shortfalls prior to the security breach. In early November, pension funds and individual shareholders filed a lawsuit against SolarWinds Corporation (“SolarWinds”) as well as current and former members of the board directors. The suit comes in the…
Read More
Google

Lloyd v Google: A Sigh of Relief for Data Controllers

In unanimously refusing to allow a representative action to proceed, the UK Supreme Court may have sounded the death knell for opt-out class actions in England for data breaches: Lloyd v Google [2021] UKSC 50. The Safari workaround Back in 2011 Apple’s Safari web browser on iPhones blocked all third-party cookies. This prevented popular websites from working…
Read More
PII

Courts Rule on When a Data Breach of PII is Actionable

The Second Circuit recently joined a growing number of federal courts to decide when a data breach of personally identifiable information (“PII”) is actionable. According to the Second Circuit, plaintiffs do not have standing to bring a lawsuit when there is no allegation their PII was targeted or misused. The Second Circuit’s decision To bring…
Read More
Breach

Attorney-Client Privilege in the Age of Cyber Breaches

Investigations and forensic reports relating to a cybersecurity breach may not always be protected by the attorney-client privilege or work product protection.  Companies seeking such reports after a data breach must take caution to protect them from a possible waiver of privilege in the event of subsequent litigation relating to a data breach. The following…
Read More
Back To Top