Litigation and legal developments concerning data breaches.
This client alert is based on a longer article Patrick Emerson McCormick wrote for the Conference on Consumer Finance Law Quarterly Report. Attorney-client privilege protects confidential communications made for the purpose of seeking or providing legal advice. The Supreme Court rejected a rigid control-group test and held that employee questionnaires and interview notes directed by corporate counsel were […]
The Record reports: A Chinese national accused of being a member of a state-backed hacking group has been extradited to the U.S. from Milan, his lawyer confirmed on Monday. Xu Zewei was arrested in July 2025 by Italian authorities after he was accused by the U.S. of involvement with a Chinese hacking group allegedly responsible for breaking […]
The law firm of Squire Patton Boggs writes: Connecticut Attorney General William Tong recently issued an advisory memorandum (“Advisory”) to all “State Officials, Agencies and Concerned Parties” about how existing Connecticut laws apply to artificial intelligence (“AI”). In the Advisory, Attorney General Tong hints at enforcement priorities and offers businesses a roadmap for compliance in describing how […]
Comply or risk class-action litigation? IAPP explains: Last year, the California Privacy Protection Agency adopted a major new rule requiring certain businesses to conduct an annual cybersecurity audit. The rule went into effect 1 Jan. 2026. This pioneering requirement, the first of its kind among state data privacy laws of general applicability, may entail substantial compliance efforts […]
The Daily Hodl reports: A bank in the US is settling with customers affected by a cybersecurity breach that exposed sensitive personal information. According to new class action documents, Cadence Bank – a regional bank headquartered in the South – has agreed to a $5.25 million settlement over a data breach tied to vulnerabilities in the […]
Axios reports: Read more at Axios.
WPIX reports: A luxury fashion company that sells clothing, accessories and cosmetics has agreed to a class action settlement to resolve claims following a 2025 data breach that compromised customer information. The settlement benefits customers who received a notice from Christian Dior stating that their personal information may have been compromised in a data breach in Jan. […]
The Wall Street Journal reports: President Trump signed an executive order Friday directing diplomatic, law enforcement and national security agencies to dismantle cybercriminal outfits. The order frames cybercrime groups, including Southeast Asian romance-scam farms and ransomware gangs, as transnational criminal organizations. It directs the Attorney General to give priority to prosecutions of cyber-enabled fraud and compels the […]
The Department of Justice announced yesterday the seizure of the LeakBase database, one of the world’s largest online forums for cybercriminals to buy and sell stolen data and cybercrime tools. According to an affidavit unsealed on March 3, the LeakBase forum had over 142,000 members and more than 215,000 messages between members. Available on the […]
From the Hunton Insurance Recovery Blog: In the rarely litigated space of cyber insurance, the Northern District of Texas issued a win for cyber policyholders this week, offering a clear reminder to insurers that if they want to restrict coverage, they must draft the policy to clearly do so. In CiCi Enterprises, LP v. HSB Specialty […]
