On July 26, 2022, the attorneys general of New Jersey, Pennsylvania, Delaware, Maryland, Virginia, Florida and Washington D.C. announced an $8 million multistate settlement with Wawa Inc. that resolves the states’ investigation into a 2019 data breach that compromised approximately 34 million payment cards used by consumers at Wawa stores and fueling locations.
Continue Reading Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million
Payment Card
Hunton Publishes 2020 Retail Industry Year in Review
Hunton releases its 2020 Retail Industry Year in Review, which features several articles authored by our privacy lawyers, including on topics such as the cashier-less technology revolution, the California Privacy Rights Act of 2020 and “buy now, pay later” plans.
Continue Reading Hunton Publishes 2020 Retail Industry Year in Review
Hilton Agrees to Settle Data Breach-Related Claims by NY and VT Attorneys General
On October 31, 2017, the New York and Vermont Attorneys General announced a settlement with Hilton Domestic Operating Company, Inc., to settle allegations that the company lacked reasonable data security and waited too long to report a pair of 2015 data breaches, which exposed over 350,000 credit card numbers.
Continue Reading Hilton Agrees to Settle Data Breach-Related Claims by NY and VT Attorneys General
D.C. Circuit’s Article III Standing Decision Deepens Appellate Disagreement
On August 1, 2017, a unanimous three-judge panel for the D.C. Circuit reversed the dismissal of a putative data breach class action against health insurer CareFirst, finding the risk of future injury was not too speculative to establish injury in fact under Article III. …
Continue Reading D.C. Circuit’s Article III Standing Decision Deepens Appellate Disagreement
Chipotle Payment Card Data Breach: Financial Institutions File Leapfrog Suit
On May 26, 2017, Alcoa Community Federal Credit Union, on behalf of itself, credit unions, banks and other financial institutions, filed a nationwide class action against Chipotle Mexican Grill, Inc. arising from a breach of customer payment card data.
Continue Reading Chipotle Payment Card Data Breach: Financial Institutions File Leapfrog Suit
Target and State Attorneys General Resolve Investigation with Largest Multi-State Breach Settlement to Date
On May 23, 2017, Target reached a settlement with the Attorneys’ General of 47 states and the District of Columbia to resolve the states’ investigation of Target’s 2013 data breach.
Continue Reading Target and State Attorneys General Resolve Investigation with Largest Multi-State Breach Settlement to Date
Neiman Marcus Agrees to Settlement in Data Breach Class Action
On March 17, 2017, retailer Neiman Marcus agreed to pay 1.6 million dollars as part of a proposed settlement to a consumer class action lawsuit stemming from a 2013 data breach that allegedly compromised the credit card data of approximately 350,000 customers.
Continue Reading Neiman Marcus Agrees to Settlement in Data Breach Class Action
Home Depot Settles Data Breach Claims
On March 9, 2017, Home Depot reached an agreement that includes the payment of 25 million dollars and the implementation of new data security measures to resolve a putative class action brought by financial institutions impacted by the company’s 2014 data breach.
Continue Reading Home Depot Settles Data Breach Claims
Home Depot Prevails in Shareholder Derivative Lawsuit Over 2014 Data Breach
Recently, the U.S. District Court for the Northern District of Georgia dismissed a shareholder derivative lawsuit against Home Depot Inc. (“Home Depot”) arising over claims that Home Depot’s directors and officers (the “Defendants”) acted in bad faith and violated their duties of care and loyalty by disregarding their oversight duties in connection with a 2014 data breach. The case is In re Home Depot Inc. S’holder Derivative Litig., N.D. Ga., No. 1:15-CV-2999-TWT.
Continue Reading Home Depot Prevails in Shareholder Derivative Lawsuit Over 2014 Data Breach
Adobe Settles Multistate Data Breach Enforcement Action
On November 7, 2016, Adobe Systems Inc. entered into an assurance of voluntary compliance with 15 state Attorneys General to settle allegations that the company lacked proper measures to protect its systems from a 2013 cyber attack that resulted in the theft of the personal information of millions of customers. …
Continue Reading Adobe Settles Multistate Data Breach Enforcement Action