Header graphic for print
Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Tag Archives: Securities And Exchange Commission

Fitbit Files for IPO: Cybersecurity Risk Disclosure

Posted in Cybersecurity

Fitbit, the fitness-tracking company with six wearable devices that track and collect data about things like calories burned, steps logged, “quality” of sleep and sleep patterns, heart rate, etc.) as well as web and mobile apps and premium services, has filed with the Securities and Exchange Commission for a $100 million initial public offering.  … Continue Reading

On the Third Day of Privacy, the Shareholders Gave to Me……

Posted in 12 Days of Privacy, Cybersecurity, Data Breach, Data Compliance & Security, Privacy Regulation, Security

…….Shareholder Proposals on Cybersecurity and Privacy: Another Country Heard From  Written by Megan Gates As the holiday season slips into the rear view mirror, another season looms large for public companies —- proxy season.  Adding to the ever-growing chorus of demands for increased transparency by public companies on cybersecurity and privacy matters, institutional shareholders have… Continue Reading

Calling All Boards of Directors: Four Recommendations from the SEC

Posted in Cyber Risks Boardroom Series, Cybersecurity, Privacy Regulation

Written by Adam Veness SEC Commissioner Luis Aguilar recently spoke at the New York Stock Exchange Conference “Cyber Risks and the Boardroom.”  In his speech, Commissioner Aguilar emphasized the importance of cybersecurity and how fast the need for cybersecurity has grown in such a short time period, pointing out that U.S. companies experienced a 42%… Continue Reading

To 8-K, or not to 8-K? For Target, that is indeed the question.

Posted in Data Breach, Data Breach Notification

Written by Adam Veness and Cynthia Larose As anyone with a pulse and a computer, television or carrier pigeon knows, Target Corporation (NYSE: TGT) suffered a major data breach in December – the extent of which is still being uncovered – and pegs the latest number of customers that have had their personal information stolen anywhere… Continue Reading

On the Fifth Day of Privacy, the SEC Gave to Me…..

Posted in Cybersecurity, Data Breach, Privacy Litigation, Security

Sing it with me now….. FIVE GOLDEN RULES! Written by Adam Veness As public companies prepare for the New Year and the start of yet another annual reporting season, it is the perfect time to reflect on our 2013 prediction that the SEC would require greater disclosure relating to cybersecurity risks and data breaches.  As… Continue Reading

Survey Says: Fortune 500 Disclosing Cyber Risks

Posted in Cybersecurity

Written by Adam Veness Ever since our 2013 prediction, an ever increasing number of public companies are adding disclosure related to cybersecurity and data breach risks to their public filings.  We previously analyzed how the nation’s largest banks have begun disclosing their cybersecurity risks.   Now, it appears that the rest of the Fortune 500 companies… Continue Reading

Cybersecurity Disclosure: A Panel Discussion with the SEC’s Division of Corporation Finance

Posted in Cybersecurity, Data Breach

Last week in Washington, D.C., this author had the opportunity to sit in on a panel discussion by the SEC’s Division of Corporation Finance (“CorpFin”) discussing, among other things, recent developments in cybersecurity disclosure in public company filings.  The panel included CorpFin’s Acting Director Lona Nallengara, Deputy Director of Disclosure Operations Shelley Parratt and others from CorpFin…. Continue Reading

To the Nation’s Largest Banks: Thanks for Reading

Posted in Cybersecurity, Security

It seems that some of the nation’s largest public company banks must be avid readers of this blog and have taken to heart our 2013 prediction that the SEC would require greater disclosure related to data security risks and breaches.  In their recent annual reports, Goldman Sachs Group Inc., Citigroup, Inc., Bank of America Corp…. Continue Reading

First of a series (updated): Issues for 2013

Posted in Class Action Litigation, Data Breach, Data Breach Notification, Data Compliance & Security

Happy New Year!   We are beginning this week with a series of top Privacy and Security issues for 2013, as we see them.   Let’s start with an issue of interest to publicly traded companies, or companies considering going public in 2013 – a reminder that cybersecurity issues are of interest to the Securities… Continue Reading

SEC Guidance to Public Companies: Evaluate and Disclose Cybersecurity Risks

Posted in Class Action Litigation, Data Breach, Data Compliance & Security, Privacy Litigation

The Securities and Exchange Commission (SEC) has issued guidance to public companies with respect to disclosure relating to cybersecurity and data breach risks.    This release is from the Commission’s Division of Corporation Finance and is not a rule or regulation — but it is clear that public companies that ignore the advice in the Disclosure… Continue Reading

New Settlement Agreement in Heartland Breach

Posted in Data Breach

And the cash register continues to ring with respect to the Heartland Payment Systems Inc. breach. Heartland disclosed last week in a filing with the Securities and Exchange Commission that it has agreed to pay a maximum of $60 million to Visa Inc. and Visa card-issuing banks to settle claims arising out of the massive… Continue Reading

The real cost of data breaches – Heartland to pay Amex $3.5 million

Posted in Data Breach

According to its 8-K filing with the Securities and Exchange Commission (SEC), Heartland Payment Systems Inc. has agreed to pay American Express Travel Related Services Co. Inc. just over $3.5 million to settle any claims arising out of a massive payment card data breach. This settlement is likely to be only the first over the… Continue Reading