Data Theft

Subscribe to Data Theft

When the COVID-19 crisis hit the United States (indeed, before it was even considered a “crisis” here), we provided tips for protecting a company’s trade secrets in the event employees were permitted to work from home. In the ensuing three weeks, not only have employees been permitted to work from home, but many companies have required it. Indeed, an ever-growing list of states, including California, Connecticut, Illinois, Maryland, Massachusetts, New Jersey, New York, Ohio, and Pennsylvania have issued stay-at-home orders and shut down all non-essential businesses for the time being. As a result, there are now millions of employees working remotely who are accustomed to working in an office setting. Indeed, according to a March 12, 2020, flash survey of more than 550 employers conducted by Seyfarth, nearly 85% of responding companies were actively encouraging employees to work from home in some or all parts of the country, and more than 65% were taking steps to provide capability for employees to be able to work from home who do not normally do so. Those numbers are likely even higher now.
Continue Reading

Fear of the coronavirus is causing many employers to permit—or in some cases mandate—employees to work remotely. While this measure is designed to minimize the risk of virus transmission, it presents an altogether different risk when it comes to protecting trade secrets, as employees have ripe opportunities to remove trade secrets and other sensitive information from company systems and databases. While remote access is ostensibly provided so that employees can perform their job functions from home, and may even be a necessity in that regard, some employees may take the opportunity to exploit the situation to more nefarious ends, and others may just be careless, which can lead to equally bad outcomes. In addition, employees’ external home networks may not have robust security on par with in-office network security.
Continue Reading

In Seyfarth’s first installment in its 2020 Trade Secrets Webinar Series, Seyfarth attorneys Robert Milligan, Jesse Coleman, and Joshua Salinas reviewed the noteworthy legislation, cases, and other legal developments from across the nation over the last year in the area of trade secrets and data theft, non-competes and other restrictive covenants, and computer fraud—plus, predictions

Several high profile ransomware attacks have recently rocked the franchise world fomenting uncertainty and anxiety about franchisors’ legal obligations and liability. Ransomware attacks essentially kidnap a company by shutting down its systems and holdings its data hostage until a ransom fee is paid. In addition to the quantifiable hard costs of paying ransom and hiring experts to mitigate damage and re/build cyber defenses, ransomware victims can be damaged by: (a) third-party liability to the customers and other original owners of compromised data; (b) interruption of business operations during the course of and recovery from an attack; and (c) injury to reputation value in the loss of consumer confidence, appearance of incompetence, and customer attrition. In today’s digital golden era, data is among the world’s most valuable assets, earning the tagline: “data is the new oil.” It therefore comes as no surprise that cybersecurity, which has been a hot topic for years, is garnering increased attention and resources from businesses of all sizes and stages. Yet with each new development in defensive cybersecurity, cybercriminals come up with just as many ways to get around those defenses.
Continue Reading

What You Need to Know about Protecting Company Assets in the Age of Employee Mobility and Digital Theft

Thursday, November 14, 2019
8:00 a.m. – 8:30 a.m. Central Time: Breakfast & Registration
8:30 a.m. – 10:00 a.m. Central Time: Program

Seyfarth Shaw LLP
233 South Wacker Drive, Suite 8000
Chicago, IL 60606

There is no

A Ninth Circuit panel consisting of Judges A. Wallace Tashima, Johnnie B. Rawlinson, and Paul J. Watford recently heard oral argument in Anheuser-Busch Companies v. Clark, 17-15591, concerning the denial of a former employee’s anti-SLAPP motion in a trade secret misappropriation and breach of contract case. This is the second time the case has made its way up to the Ninth Circuit. We previously reported on this case in March 2017. The panel has not yet issued its decision but the Ninth Circuit’s decision could have far reaching implications for trade secret and data theft cases involving purported whistleblowing activities.
Continue Reading

This post originally appeared in the June edition of Cyber Law & Strategy.

Somewhere today at least one data security breach is likely to happen. It might not have been publicized and may not have involved millions of records, but there is no doubt it will happen. That is because cybercrime remains one of the most common crimes in the world, and non­criminal exposures are fairly common as well.
Continue Reading

The United States Attorneys’ Offices in Wisconsin criminally prosecuted two trade secret theft cases last week. In the Eastern District of Wisconsin (United States of America v. Tan Liu), the United States charged a former employee, Tan Liu, with 12 counts of stealing trade secrets from his former employer, Rockwell Automation, Inc. According to the government, in the last few weeks of his Rockwell employment, and in anticipation of leaving Rockwell for a new employer, Liu downloaded 2,500 files that contained the proprietary software and source code Rockwell uses to operate various systems and controllers.
Continue Reading

The use of open file sharing platforms in business continues to increase in 2017; Dropbox alone has over 200,000 active business accounts. Unfortunately, the convenience of these platforms and the increase in use by businesses attracts the attention of hackers as well. File sharing platforms and accounts have a high “hack value”—the overall value of the accounts on the dark web—due to the relative ease with which account can be obtained and the sensitivity of the information stored on these platforms.

The risk associated with the use of file share platforms is twofold. First, company supported file share is attractive to attackers because it is guaranteed to contain sensitive information. Second, file share platforms available to employees outside of the company—e.g. the employee Google Drive account—may be used to store company information, but likely do not use the same security standards as those enforced by the company. Attacks on file share platforms are also very real. In August of 2016 Dropbox forced users to reset their passwords based on a breach—60 million account credentials compromised—that had been discovered but was executed four years earlier in 2012.
Continue Reading

As a special feature of our blog—special guest postings by experts, clients, and other professionals—please enjoy this blog entry from Charlie Platt, a director at iDiscovery Solutions.

It’s Friday afternoon and the conversation goes a little like this, “Wait, what? They’re leaving? Where are they going? Is there any opportunity to help them reconsider?”

When a key employee departs an organization, it can take a toll on clients and colleagues, productivity, and morale. What follows is a rush of activity: current projects are reviewed, transition plans are quickly drawn up and put in place, and decisions are made about how to replace the departing employee and how to communicate the departure to the rest of the firm and clients. 
Continue Reading