Musings about the Equifax Data Breach

This is intended to be an old-fashioned "blog" about thoughts on the Equifax data breach. It will be ongoing so please check back regularly. Topics Media interviews and commentary We are seeing shame hacking taken to a new level Will I lead a consumer class action lawsuit against Equifax? Lawsuits and investigations against Equifax What [...]

Incident Response – 3 Takeaways from the Equifax Breach

The SecureWorld News Team talked with Shawn Tuma about many of the lessons that can be learned from the Equifax data breach and winnowed it down to the following 3 takeaways that are discussed more thoroughly in the article: We need a uniform national breach notification law in the United States. When it comes to [...]

Verizon Requires $350 Million Discount and Yahoo Share in Data Breach Liability — Good Deal?

UPDATE: Yahoo Shareholders Sue Over Massive Data Breaches (Law 360 paywall) Verizon and Yahoo have renegotiated their deal in the wake of Yahoo's revelations of its past data breaches. Verizon had agreed to pay $4.8 billion for Yahoo's Internet business in July 2016, but that was before Yahoo disclosed that it had two of the largest data [...]

Will Home Depot be the one to "get it"?

Home Depot Data Breach Shareholder Derivative Suit Against Directors Fails

Officers and directors of companies that have had data breaches have become targets of litigation through shareholder derivative claims since the consumer class-action claims have had a difficult time making it past the causation of harm threshold. Those officers and directors may now sigh in relief, if only briefly, following a November 30, 2016, ruling by the District Court [...]

Data Breach Litigation: Who’s Gonna Get It? Will it be Yahoo! (or Verizon)?

Below is a post that I wrote in 2011, back when we thought we were in the middle of the "Year of the Data Breach." We weren't -- not even close. Yesterday I read an article referencing the Ford Pinto and the infamous cost-benefit analysis memo that led to the jury sending "the message" to [...]