In a recent lawsuit filed this month in the United States District Court for the Southern District of New York, Delta Airlines brought suit against its website chat services provider, [24]7, stemming from a 2017 data breach suffered by [24]7 that affected approximately 800,000 of Delta’s customers. Specifically, Delta alleges in its complaint that an attacker gained access to [24]7’s networks and modified the source code of its chat services so that the attacker could “scrape” payment card information from customers as they used the chat feature available on Delta’s website.

On August 12, 2019, Governor Andrew Cuomo signed legislation (S.6577/A.8421) that greatly expanded the protections for workplace discrimination and harassment.  These additional protections come just a little over one year after the state enacted comprehensive legislation designed to combat sexual harassment.

Large business data breaches - like the one affecting 100 million Capital One credit card customers and applicants - remain commonplace, so much so that they are becoming accepted as the new normal in today’s climate of consumer dealings. They shouldn’t be.

As we wrote here earlier this year, Governor Cuomo proposed to extend the “clawback law,” which had expired on January 1, 2019, in his fiscal year 2020 Executive Budget.  As a reminder, the clawback law pulled the value of all taxable gifts made within three years of a New York resident taxpayer’s death back into the New York resident taxpayer’s estate for New York estate tax purposes.

Following up on our post from June 7, Governor Cuomo has now signed the SHIELD Act into law.  New section 899-bb of the General Business Law, which creates substantive security obligations for all persons or businesses that own or license the defined “private information” of New Yorkers, goes into effect in 240 days, with the rest of the law taking effect within 90 days.