On June 4, 2018, the Governor signed into law Public Act 18-90, An Act Concerning Security Freezes on Credit Reports, Identity Theft Prevention Services and Regulations of Credit Rating Agencies (the “Act”), likely in reaction to the Equifax breach among many others.  The title of the Act leaves little to the imagination as to its subject matter.
Continue Reading Connecticut Legislature Responds to Proliferation of Data Breaches

Uber suffered a data breach in 2014 resulting in the compromise of more than 50,000 drivers’ personal information, including back account and social security numbers. Drivers brought a class action suit in federal court in the U.S. District Court for the Northern District of California.  On May 10, a judge tossed the suit for a third time for lack of standing because the two named plaintiffs failed to allege that they suffered an injury in fact.
Continue Reading Uber Catches Break in Data Breach Class Action

Two courts. Two days.  Two different results.  On March 7, on remand from the U.S. Court of Appeals for the Eighth Circuit, a federal district court judge in Minnesota granted a motion to dismiss a consumer class action suit involving a 2014 data breach affecting over 1,000 grocery stores.  The court found that the allegations of possible future identity theft or fraud because of the breach were not sufficient to establish a substantial risk of future harm.
Continue Reading The Standing Struggle in Data Breach Litigation Continues

W-2 phishing season is just a few weeks away.  For the past several tax seasons, cyber criminals have duped hundreds of payroll departments into providing W-2 information on their employees, which results in the filing of fraudulent tax returns and other identity theft issues.  These attacks are incredibly disruptive to employees, extremely expensive for employers and are completely avoidable with some training. 
Continue Reading ‘Tis the Season: W-2 Phishing Scams Likely to Resurface After the New Year