Posts tagged security breach litigation

authentication, comerica, commercially reasonable security, contracting, experimetal, FFIEC, layered security, multifactor authentication, patco, phishing, reasonable, Red Flags Rule, Security, security breach, security breach litigation, token, UCC 4A-202

The Duty to Authenticate Identity: the Online Banking Breach Lawsuits

By InfoLawGroup LLP on April 17, 2012

We have entered an era where our commercial transactions are increasingly being conducted online without any face-to-face interaction, and without the traditional safeguards used to confirm that a party is who they purport to be. The attenuated nature of many online relationships has created an opportunity for criminal elements to steal or spoof online identities and use them for monetary gain. As such, the ability of one party to authenticate the identity of the other party in an online transaction is of key importance.To counteract this threat, the business community has begun to develop new authentication procedures to enhance the reliability of online identities (so that transacting parties have a higher degree of confidence that the party on the other end of an electronic transaction is who they say they are). At the same time, the law is beginning to recognize a duty to authenticate. This blogpost post looks at two online banking breach cases to examine what courts are saying about authentication and commercially reasonable security.

Breach, damages, litigation, personal information, privacy, security breach litigation

California Federal Court Holds that Damages Properly Alleged in RockYou Data Breach Case

By InfoLawGroup LLP on April 19, 2011

In what may be a sign of an evolving judicial atmosphere and approach concerning data breach lawsuits, a Federal judge in the Northern District of California District Court recently refused to dismiss various causes of action related to a data breach involving RockYou. In particular, the Court explored the issue of whether the plaintiff sufficiently alleged "harm" arising out of the data breach. This blog post takes a look the highlights of the Court's decision.