On May 17, 2018, the Purchase Card Industry Security Standards Council (PCI SSC) released version 3.2.1 of its PCI Data Security Standard (PCI DSS). Founded in 2004 by Visa, MasterCard, Discover, and American Express, the PCI SSC produces the “best practices” for enhancing the security ...
On April 11, 2018, the Seventh Circuit reversed and remanded a district court decision dismissing, for a lack of standing, a class action brought against Barnes & Noble related to a 2012 “skimming” attack suffered by the bookseller.
In a decision penned by Judge Easterbook, the court ...
On Thursday, November 30, 2017, three Democratic senators introduced a new bill called the Data Security and Breach Notification Act in the government’s latest effort to strengthen the nation’s cybersecurity. Of note, the bill requires companies to notify customers within 30 days of ...
In the wake of the recent Equifax data breach, the United States House of Representatives recently passed legislation that requires the federal government to assist small businesses in guarding against cyber-attacks by providing them with tools to do so. The bill, entitled the “NIST ...
After one of the largest cybersecurity breaches in United States history, three Equifax Inc. executives have been accused of what essentially amounts to insider trading.
Keeping up with the trend of state governments taking a proactive approach to cybersecurity, on August 17, 2017, Governor John Carney of Delaware signed into law a bill creating more stringent notification requirements on companies doing business in Delaware in the event of a data breach.
In two unrelated cases, New Jersey courts made the point that jurisdiction will extend to hackers who have no connection with the state other than an intention to harm its residents.
In Christie v. Nat’l Inst. for Newman Studies, U.S. District Judge Freda Wolfson determined that the court ...
The Illinois Appellate Court recently affirmed a circuit court order granting summary judgment that held that emails containing invitations to connect on LinkedIn did not constitute solicitations in violation of a non-competition agreement.
The dispute arose when Gregory P. Gelineau ...
Being prepared and knowing the steps to take after a ransomware attack may reduce a law firm’s legal, ethical, operational and even reputational exposure.
The recent NotPetya and WannaCry attacks resulted in the lock down of key data and hence operations at multinational businesses and ...
On May 11, 2017 President Donald Trump signed an executive order to bolster the government's cybersecurity and protect critical infrastructure from cyber-attacks, marking his first significant action to address what he had previously called a top priority.