In the wake of a cyberattack on a company’s data, it doesn’t take long before shareholders and customers start pointing fingers at the company’s leadership, accusing them of dropping the ball in protecting the company’s data.
Increasingly, company directors and officers are the target of lawsuits—particularly from shareholders—seeking to hold them liable for their failure to put the appropriate security systems in place to protect the company’s information infrastructure. For example, following the cyberattacks on Target in 2013, shareholders filed two separate derivative lawsuits on behalf of the corporation against Target’s management, accusing its chief executive officer, chief information officer and members of its board of directors of breaches of fiduciary duty, waste of corporate assets and gross mismanagement based on their alleged failure to adequately protect customers’ personal and financial data and their subsequent mishandling of the public relations fallout. Both lawsuits allege that Target’s executives should be held responsible for all damages suffered by the company as a result of the cyberattack.
This content has been archived. It is available through our partners, LexisNexis® and Bloomberg Law.
To view this content, please continue to their sites.
Not a Lexis Subscriber?
Subscribe Now
Not a Bloomberg Law Subscriber?
Subscribe Now
LexisNexis® and Bloomberg Law are third party online distributors of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® and Bloomberg Law customers are able to access and use ALM's content, including content from the National Law Journal, The American Lawyer, Legaltech News, The New York Law Journal, and Corporate Counsel, as well as other sources of legal information.
For questions call 1-877-256-2472 or contact us at [email protected]
