On November 21, 2018, the Supreme Court of Pennsylvania found that a putative class action against UPMC by current and former employees should not have been dismissed. Employers have common law duty to use reasonable care to safeguard its employees’ sensitive personal information that it stores on Internet-accessible computer systems, and Pennsylvania’s economic loss doctrine did not bar the plaintiffs’ negligence claim.
Continue Reading

On October 23, 2018, the parties in the Yahoo! Inc. Customer Data Security Breach Litigation pending in the Northern District of California and the parties in the related litigation pending in California state court filed a motion seeking preliminary approval of a settlement related to breaches of the company’s data.
Continue Reading

Vizio, Inc., a California-based company best known for its internet-connected televisions, agreed to a $17 million settlement that, if approved, will resolve multiple proposed consumer class actions consolidated in California federal court. The suits’ claims, which are limited to the period between February 1, 2014 and February 6, 2017, involve data-tracking software Vizio installed on its smart TVs.
Continue Reading

On September 26, 2018, the U.S. District Court for the District of Colorado refused to dismiss all putative class claims against Chipotle Mexican Grill, Inc. This litigation arose from a 2017 data breach in which hackers stole customers’ payment card and other personal information by using malicious software to access the point-of-sale systems at Chipotle’s locations.
Continue Reading