Featured

Jail time for concealing a data breach? The Uber breach raises the stakes again in relation to breach response.

On November 30, three Senate Democrats introduced the now third pending bill concerning data breach response and substantive data security requirements, all three of which came in the wake of the Uber and Equifax data breaches, and the stunning revelation that Uber hid the breach for over a year.  Indeed, as is now well known, Uber went so far as to pay a hacker or hackers to conceal the breach and delete the compromised data.

Continue reading
957 Hits
Featured

Rise of the Plaintiff Jurisdictions - Local Edition (with some help from the Plaintiffs’ bar)

Like a rider hailing an overcrowded uberPOOL heading to O’Hare on a busy weekday, the City of Chicago has joined the feeding frenzy surrounding the recently disclosed and controversially handled Uber breach. 

Continue reading
782 Hits
Featured

Turning Bad Breach Response Up to 11: Uber Shows Us What (Else) to Avoid in Response to a Breach

At the recent 2017 GreyCastle Cybersecurity Symposium: Generation Cyber, I had the pleasure of presenting the “Top 10 Legal Pitfalls to Avoid in Relation to a Data Breach.”

Continue reading
821 Hits
Featured

Cybersecurity Regulations Can Move at Lightning Speed; Don’t Get Burned!

As we have noted previously on the new DFS cybersecurity regulations, 23 N.Y.C.R.R. Part 500, the regulatory process is—by definition—vastly more swift and adaptable than the legislative process. What may get bogged down in legislative committee for months or years can be hammered out in a matter of days in the administrative state.

Continue reading
1235 Hits
Featured

What does the Equifax breach mean to your organization? Quite a lot, actually.

The sheer size of the recent Equifax breach—affecting nearly half of all Americans and potentially more than half of those over 18—is staggering.  It is the nature of the breach, however, and the type of information taken, that gives the greatest pause.

Continue reading
1356 Hits

Disclaimer

This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel