Data Breach

Subscribe to Data Breach

Following in the footsteps of the Eastern District of Virginia’s Capital One decision last year and the District of D.C.’s Clark Hill decision earlier this year, the Eastern District of Pennsylvania has just ordered the production of a data breach forensic report and related communications.  In re Rutter’s Data Sec. Breach Litig., No. 1:20-CV-382,

Phil Yannella, Ballard Spahr litigation partner and Practice Leader of Ballard’s Privacy & Data Security Group, recently authored a treatise on data breach and privacy litigation. The book, Cyber Litigation: Data Brach, Data Privacy & Digital Rights, is published by Thomson Reuters and is available now for purchase.
Continue Reading Ballard Spahr Partner, Phil Yannella, Authors Book on Data Breach and Privacy Litigation

On May 12, 2021, President Joe Biden issued an Executive Order to implement new policies aimed at strengthening the nation’s cybersecurity. The Executive Order was issued in response to the recent SolarWinds, Microsoft Exchange, and Colonial Pipeline cybersecurity incidents, which were, according to the White House, “a sobering reminder that U.S. public and private sector entities increasingly face sophisticated malicious cyber activity from both nation-state actors and cyber criminals.”
Continue Reading President Biden’s Cybersecurity Executive Order Has Implications for the Private Sector

In a thoughtful opinion that diverges from how other circuit courts have addressed the issue, the Second Circuit recently issued a ruling clarifying the circumstances when data breach plaintiffs can rely on fear of identity theft to establish Article III standing.
Continue Reading Second Circuit Ruling Clarifies When Data Breach Plaintiffs Have Adequately Plead Article III Standing

On January 12, 2021, the federal District Court for the Central District of California dismissed a data breach law suit—including a claim filed under the California Consumer Privacy Act (“CCPA”)—against Marriott International, Inc.  The holding, which dismissed the claims for lack of standing, will likely play a role in a number of CCPA cases that

The Administrative Office of the U.S. Courts (the “AO”) recently disclosed that it has initiated an investigation into an apparent compromise in security of the Judiciary’s Case Management/Electronic Case Files System (“CM/ECF”) as a result of vulnerabilities associated with SolarWinds Orion products.  The AO noted that it is currently working with the Department of Homeland

The Cybersecurity Infrastructure Security Agency, Federal Bureau of Investigation, and Department of Health and Human Services have jointly posted an advisory to warn hospitals and other health care providers about the threat of malicious attacks on their information systems.  At least six hospitals across the United States were recently victimized by attacks using Trickbot malware

October is National Cybersecurity Awareness Month, and the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”) and Office of Foreign Assets Control (“OFAC”) kicked off the month by issuing two advisories that aim to increase cybersecurity awareness, assist financial institutions in detecting and reporting ransomware activity, and highlight potential sanctions risks for

With the rise of the digital world, many estate planning clients have accumulated large collections of “digital assets” that are stored online. In its simplest form, a “digital asset” is a non-physical asset that exists online in electronic format. Most clients preserve digital assets either for their sentimental value or their financial value. Examples of