Tag Archives: credit card

New PCI Guidance Provides Businesses With Security Incident Response Assistance

A security event involving payment card data, especially card present data, can be one of the most costly events a company may face. Not only did a recent study report the average total cost of a data breach as $3.8 million, large payment card incidents such as those that occurred at Target and Home Depot … Continue Reading

Explaining the Implications for Merchants of EMV and the Liability Shift

By Craig A. Hoffman on May 18, 2015 Posted in Data Breaches

The EMV liability shift is coming. Sounds ominous, but what does it really mean? And how can retailers and merchants determine the potential impact of the shift on their business? Like many issues in the payment card industry, there is confusion and misunderstanding. Through an FAQ format, we cover the basics and address some of … Continue Reading

2015 BakerHostetler Incident Response Report Deeper Dive—Retailer Liability Arising from Stolen Payment Cards

By Craig A. Hoffman on May 12, 2015 Posted in Data Breaches, Incident Response, Retail Industry

We released the inaugural BakerHostetler Data Security Incident Response Report, which provides insights generated from the review of more than 200 incidents that our attorneys advised on in 2014. Over the next four weeks, we will post several blogs that will provide a more in-depth look at certain findings. In this post, we cover one … Continue Reading

Why Worry About a Little Skimmer?

By Craig A. Hoffman on September 17, 2014 Posted in Retail Industry

Merchants—rightfully so—are worried about securing their payment card environments so that their name does not appear in a headline discussing how millions of cards were stolen from them. Faced with the challenge of evaluating the use of P2PE and tokenization, the conversion necessary to prepare for the October 2015 EMV liability shift, reading the tea … Continue Reading

Credit Unions Continue to Demand New Data Security Standards for Retailers and Right to Recover Losses After a Breach

By Zac Ciullo on September 12, 2014 Posted in Data Breaches

On September 3, 2014, following the news of a possible breach at Home Depot (which was confirmed on September 8), the National Association of Federal Credit Unions (NAFCU) called on Congress to enact new legislation to hold retailers more responsible for data security breaches. “These continued data breaches will have a chilling effect on our … Continue Reading

Wal-Mart Prevails in Credit Card Class Battle Over Practice of Collecting Addresses and Phone Numbers

By BakerHostetler on October 8, 2013 Posted in Privacy Class Actions

Authored by: Julian Perlman Editor’s Note: This post is a joint submission with BakerHostetler’s Class Action Lawsuit Defense blog. In a victory for Wal-Mart Stores, Inc., a federal district court judge has refused to certify a Rule 23(b)(3) class in a lawsuit for violation of California’s Song-Beverly Credit Card Act (Cal. Civ. Code § 1747 et seq., … Continue Reading

Class Action Plaintiffs Lack Standing under Clapper to Sue Barnes & Noble for Credit Card Data Breach

By Judy Selby on September 10, 2013 Posted in Data Breaches, Payment Card Industry, Privacy Class Actions

Editors’ Note: This blog post is a joint submission with BakerHostetler’s Class Action Lawsuit Defense blog. Relying heavily on the Supreme Court’s recent Clapper decision, a federal court dismissed a class action lawsuit arising out of a “skimming” data breach against Barnes & Noble (BN). In re Barnes & Noble Pin Pad Litigation, Case # 12-cv-8617 (N.D.Ill. … Continue Reading

Visa Loses Motion to Dismiss in Genesco Case – Are the Days for PCI Assessments Numbered?

By Craig A. Hoffman on July 26, 2013 Posted in Financial Privacy

Co-Authored by: Judy Selby In a highly anticipated decision, a federal court in Tennessee let stand a retailer’s claims against Visa for violation of California’s Unfair Competition Law (UCL) and for common law claims for unjust enrichment and restitution arising out of fines and assessments levied by Visa in the wake of a massive data … Continue Reading

Cyber Criminals’ Menu Features the Food & Beverage Industry; Steps to Protect Your Business

By Judy Selby on May 24, 2013 Posted in Data Breaches, Payment Card Industry

2012 was a challenging year for the Food and Beverage (F&B) industry. In addition to increased government regulation, rising food prices and relatively slow growth trends, the industry once again was a favorite target of cybercriminals. According to the 2013 Trustwave Global Security Report, cyberattacks on F&B enterprises comprised 24% of attacks in 2012, second … Continue Reading

Do Merchants That Outsource Payment Processing Still Have Risk From a Breach?

By Craig A. Hoffman on February 11, 2013 Posted in Data Breaches, Payment Card Industry

Last week a small New England bakery announced that its point-of-sale (POS) devices were infected with malware that may have put card data at risk. The bakery’s letter to its customers stressed that it did not store card data on its computer systems, but the malware allowed an unauthorized person to gather card data as … Continue Reading