An Unexpected Adversary and Risk in Notice Decisions?
You expect consumer complaints and even class action threats in the wake of a law firm data breach. But does a defense law firm expect to be sued by the carrier for the clients it represents? Whether surprising or not, it is happening and law firms must take note. In today’s world there are sometimes tensions between the interests of insurance companies and the law firms engaged to represent the ultimate client—the insureds. Now, it appears that law firms’ decisions following information security incidents have advanced up ...
Today the U.S. Supreme Court denied a cert petition in a matter aimed at resolving whether a plaintiff who alleges a substantial risk of harm in the future has standing under Article III of the Constitution. A ruling in the case, CareFirst v. Attias, would have had major implications for data-breach litigation and in class actions generally.
A quick refresher on standing. To satisfy Article III’s standing requirements, a plaintiff must show (1) he has suffered an “injury in fact” that is (a) concrete and particularized and (b) actual or imminent, not conjectural or ...
Between December 2014 and January 2015, Anthem Inc., suffered a massive cyberattack on its computer systems, allowing hackers to steal the health and personal information of nearly 80 million people. In re: Anthem, Inc. Data Breach Litigation, --- F. Supp.3d ----, No. 16-MC-2210 APM, 2017 WL 680378, at *1 (D.D.C. Feb. 21, 2017). Federal employees (who received their health insurance from Anthem through the Federal Employee Health Benefits Program) were among the victims of the hacking. Id.
On May 13, 2016, the Lead Plaintiffs in the multidistrict litigation served a subpoena on the ...
I remember in drivers’ education class being shown the obligatory scary movie on railroad crossing accidents. After the wreck, one salty old train engineer says to another, looking at the demolished car, “Why don’t they learn, Slim?” “I don’t know, Jim,” the other fellow says, scratching his furrowed brow.
In the information security world, we are past the need for scare tactics. Only an ostrich might be oblivious to the heightened cyber risks these days and their increasing frequency. Nevertheless, periodically you see cautionary reminders of mistakes that are ...
"Hello, Mr. Jones. Did you just try to make a $10,000 jewelry purchase in Brazil?" To put it mildly, that is not the type of question that want your customers-- or as an insurance company, the customers of your policyholder-- to receive. All too often, however, despite the best security efforts, data breaches of sensitive personal information, like credit card data, do occur.
The insurance industry sells a variety of differing products designed specifically to provide coverage for these types of claims and losses. But, would liability for such a data breach be covered by the backbone of ...
