In a surprise move late last week, Home Depot has agreed to settle a shareholders derivative suit filed against current and former members of the Board of Directors and the Chief Executive Officer and Chief Information Officer (CIO) following a massive data breach that occurred in 2014.

The shareholders allege that former and current board members breached their duty of loyalty to the company by failing to prevent the data breach or to remedy it after it occurred. The breach cost Home Depot $152 million with a total cost exposure predicted at $10 billion.

The settlement requires documenting the responsibilities of the CIO, maintaining an executive committee on data security, and transparency around the budget provided for Cybersecurity measures in the organization.
Continue Reading Home Depot Agrees to Settle Data Breach Shareholders’ Suit

Using the Maryland Consumer Protection Act, Maryland Attorney General Brian Frosh has announced that eye care retailer Visionworks, Inc. has agreed to pay the state of Maryland $100,000 and enhance its security measures following an investigation into two security incidents that occurred in 2014. When it was upgrading its Annapolis, Maryland and Jacksonville, Florida stores

In a strongly worded opinion, the Third Circuit Court of Appeals on Monday slammed Wyndham Worldwide Corporation’s arguments that the FTC did not have jurisdiction to enforce the security practices of businesses following a data breach. The Court noted that it found most of Wyndham’s arguments “unpersuasive.” This is the first Circuit Court of Appeals