Cybersecurity as an Unfair Practice: FTC Enforcement under Section 5 of the FTC Act

Cyber attacks seem only to be increasing in frequency and severity.  Major data breaches suffered by companies such as Target, Sony, Anthem Health Care, and others, have exposed hundreds of millions of individuals to the risk of credit loss and identity theft. Virtually all industries have been targeted. Moving past credit cards, cybercriminals are increasingly going after proprietary business data and deploying ransomware and cyber blackmail. They are holding data hostage and attempting to extort millions of dollars from companies who wish to avoid the risk of data loss and public embarrassment. Often, attackers find their way to company data through vendors, who provide technical or financial services or through targeted e-mail attacks directly on company employees, using social exploits to induce unsuspecting individuals to open e-mail attachments and download malware. Companies who are victims of these attacks have suffered huge financial losses.  According to the Ponemon Institute in 2015, the total average cost of a data breach is now $3.8 million, up from $3.5 million a year earlier, or $154 per individual record lost or compromised.  These costs do not even include other, less direct costs, such as the loss of business or reputational damage.

About Potter Anderson

Potter Anderson & Corroon LLP is one of the largest and most highly regarded Delaware law firms, providing legal services to regional, national, and international clients. With more than 100 attorneys, the firm’s practice is centered on corporate law, corporate litigation, intellectual property, commercial litigation, bankruptcy, labor and employment, and real estate.