My good friend Judy Greenwald reported at BusinessInsurance.com that “After AIG refused the claim, Landry’s filed suit, and the U.S. District Court in Houston ruled in the insurer’s favor and dismissed the case. A unanimous three-judge appeals court panel overturned that decision.” The July 22, 2021 article entitled “AIG unit must defend Texas retailer in data breach case” included these comments:
Houston-based Landry’s Inc., which operates retail properties including restaurants, hotels and casinos, discovered a data breach that occurred between May 2014 and December 2015 that involved the unauthorized installation of a program on its payment processing devices, according to Wednesday’s ruling by the 5th U.S. Circuit Court of Appeals in New Orleans in Landry’s Inc. v. The Insurance Co. of the State of Pennsylvania.
Over about a year-and-a-half, the program retrieved personal information from millions of credit cards and at least some of that information was used to make unauthorized charges, the ruling said.
“It’s also undisputed that hackers’ theft of credit-card data and use of that data to make fraudulent purchases constitute ‘violations’ of consumers’ privacy rights,” the panel said in reversing the lower court decision and remanding the case for further proceedings.
This will be an important case to follow!