How to Respond to a Breach of Customer Data featured image

How to Respond to a Breach of Customer Data

by John DiGiacomo

Partner

Data Breach

How do you respond to a breach of customer data? If you operate an ecommerce store, you need to know. Revision Legal partner John DiGiacomo has published another article on Practical Ecommerce: How to Respond to a Breach of Customer Data.

Data breaches seem to be the norm these days, whether they are at Yahoo, Home Depot, or, more recently, Michigan State University. And ecommerce merchants are not immune. My firm has recently handled data breach responses for small ecommerce companies that were affected by a breach of the LemonStand ecommerce platform.

Ecommerce merchants must take the risk of a data breach seriously. A breach that exposes customers’ data carries enormous potential liability. It can cause a business to go bankrupt.

But there is some good news. According to “2016 Global Security Report” by Trustwave, the security firm, only 38 percent of global data breaches target ecommerce stores. Traditional brick-and-mortar retail stores are the most targeted — roughly one-third of overall data breaches target magnetic strip data obtained from point of sale machines.

Notification laws vary from state to state:

It can be difficult, however, to detect a data breach. Forty-one percent of worldwide breaches are detected by victims, while 58 percent of breaches are reported to their victims by regulatory bodies, credit card companies, and banks. This, again, is from the Trustwave report. The average median time between a network intrusion and detection is 168 days for external detection and 15 days for internal detection.

Develop a Strategy to Reduce Risk

… develop a strategy for reducing the company’s risk associated with the breach. Many breached companies have offered credit-monitoring services or identity-theft-monitoring services to victims of the breach, to reduce the further risk of loss or harm. Others have offered informational packets or even some form of compensation to reduce their risk of liability. Each circumstance is different.

You can read the entire article here on the Practical Ecommerce site.

Revision Legal has worked with businesses of all sizes to assess data retention risks. If you have concerns about your exposure or have received a notification that you have been a victim of a data breach incident, contact the experienced data breach attorneys at Revision Legal. Civil fines are available in some states for a failure to expeditiously notify those affected by breaches. You need the legal team from Revision Legal in your corner today. Contact us using the form on this page or call us at 855-473-8474.

Photo credit to Flickr user Maria Irwin.

Extra, Extra!
Recent Posts

Does the AI-Copyright Legal Fight Represent a National Security Threat?

Does the AI-Copyright Legal Fight Represent a National Security Threat?

Copyright

The holders of copyrights for newspapers, magazines, books, and other publications are involved in numerous legal battles with owners of AI modules over alleged copyright infringement. The plaintiff copyright owners claim that the AI large language modules have been trained on huge quantities of copyrighted materials without permission and — most importantly — without payment. […]

Read more about Does the AI-Copyright Legal Fight Represent a National Security Threat?

How Does Buy-Sell Insurance Work For An Owners’ Agreement?

How Does Buy-Sell Insurance Work For An Owners’ Agreement?

Corporate

The owners of most small, closely-held businesses negotiate and sign some form of an “Owner’s Agreement.” An important part of such Agreements is the “Buy-Sell” provisions. These are often some of the most difficult to negotiate. The gist of the buy-sell part of the Owners’ Agreement is to establish the rules for what happens if […]

Read more about How Does Buy-Sell Insurance Work For An Owners’ Agreement?

Status on Social Media Moderation Statutes and Cases

Status on Social Media Moderation Statutes and Cases

Internet Law

Social media content moderation by technology platforms was one of the “hot” legal topics in 2023-2024. Three States — California, Texas, and Florida — passed different statutes to either require more content moderation (California) or to limit such moderation (Texas and Florida). All the statutes, in one way or another, demanded more transparency and information […]

Read more about Status on Social Media Moderation Statutes and Cases

Put Revision Legal on your side