Data Protection: How important is it to know what to do if there is a data breach?

Grupo Financiero Banorte, Mexico’s third largest bank, suffered a data breach earlier this year and is now reportedly being fined 32 million pesos ($1.98 million) by the Mexican data protection authority, the National Institute of Transparency, Access to Information and Protection of Personal Data, for failing to inform all of its clients immediately after the hack occurred.  Mexico’s National Banking and Securities Commission is also investigating the matter  and is expected to issue corrective measures.

To formulate and implement an effective incident response solution, including but not limited to an attorney and forensic experts on stand buy, contact Gerrie van Gaalen

Bank's "Commercially Unreasonable" Security Practices to Blame for Cyber Theft

The First Circuit earlier this month held that a bank could be liable for the theft of nearly $600,000 from a company’s bank account because the bank’s online security systems were not “commercially reasonable” under the Uniform Commercial Code.  This ruling, in Patco Construction Company v. People’s United Bank, indicates that banks cannot entirely shift risk to their customers through contractual provisions, and that courts will scrutinize a bank’s security practices to determine whether they are adequate


© Copyright 2012 Steptoe & Johnson LLP