was a “criminal data breach,” yet denied any liability for the exposed information.
The company said it took the proper and immediate steps to contain the attack.
The two parties reached a settlement of $5.5 million, to be divided amongst
the states and the District of Columbia. The settlement relieves Nationwide
from most legal and civil liabilities but not from criminal, antitrust, securities or
tax liabilities. A spokesperson for Nationwide said that the company’s security
remains compliant with data security laws.
In the end, the settlement did not include allegations of data security law
violations. “Protecting consumer data is something that we take seriously,”
Nationwide said. The company said it will continue to strengthen cyber-security.
SCORECARD: The data breach cost Nationwide $5.5 million, which will be
given to those whose information was exposed.
TAKEAWAY: Cybersecurity programs should regularly be updated and reviewed
for any potential security risks, even when a program follows security laws.
WC DEATH BENEFITS GRANTED TO WIDOWER
A grocery store worker was in her office when she suffered cardiac arrest. A store manager heard her fall and rushed to her aid, but it was too late. Her husband filed for workers’ compensation death benefits,
claiming his wife’s death was due in part to the stress of her job.
Probable cause of death was ruled to be cardiac arrhythmia, stemming from
arteriosclerotic heart disease, likely worsened by obesity.
The emergency responders’ report stated that coworkers heard the deceased
saying “her job was stressing her out,” and that she complained of chest pain
shortly before collapsing.
The Workers’ Compensation
Board granted the husband
workers’ comp death benefits on
Oct. 15, 2015. The employer and
its carrier appealed.
In the 2017 court hearing, the
employer alleged that the cardiac
event was due to underlying heart
disease. There was no way to
prove that job stress caused her
heart to stop.
New York workers’ comp
INVASION OF PRIVACY EXCLUSION HOLDS FIRM
law states that barring substantial evidence to the contrary, “an unwitnessed or
unexplained death [that] occurs during the course of a decedent’s employment,
Workers’ Compensation Law provides a presumption … that the death arose out
of the decedent’s employment.”
Because there was no formal autopsy performed on the deceased, the
husband used the medical report as proof his wife’s cardiac arrest was related
to the stress of her job. The court ruled the deceased’s work-related stress
was a “significant contributing factor,” and her husband should receive death
In november 2012, david emanuel brought a class action lawsuit against he Los Angeles Lakers basketball team. Emanuel, who had attended a Lakers game the month before, felt duped
after responding to an overhead message displayed on the scoreboard. The
message invited game attendees to send a text to a specific phone number with
the hopes of seeing their message on the screen.
Emanuel sent a text and received an automated message in return. In the
subsequent lawsuit, he alleged
that the Lakers sent the response
message using an automatic
dialing system, which, he said,
violated the Telephone Consumer
Protection Act and cost him and
others in text and data charge
fees. They sued for $1,500 and
In 2013, a California district
judge dismissed the case, stating
that by sending the initial text,
Emanuel implicitly consented
to receiving a confirmation message. The team settled with Emanuel in 2014
during his appeal.
The Lakers were insured under a ForFront Portfolio insurance policy held by
Federal Insurance Co. Federal denied coverage of the suit, because the insurer
claimed the TCPA fell under a policy exclusion for invasion of privacy.
The Lakers sued Federal for bad faith refusal to defend or indemnify them. A
district judge ruled to dismiss the allegation, agreeing with the insurer that the
policy’s invasion of privacy exclusion included the TCPA. The Lakers appealed.
A divided panel affirmed the judge’s ruling.
“The panel held that because a Telephone Consumer Protection Act claim is
inherently an invasion of privacy claim, Federal Insurance Company correctly
concluded that the underlying Telephone Consumer Protection Act claims fell
under the Policy’s broad exclusionary clause,” read the court’s decision.
SCORECARD: The Los Angeles Lakers are not entitled to coverage for class
allegations that the team sent unwanted text messages to fans.
TAKEAWAY: Insurance policies that exclude privacy-related claims should
clarify whether TCPA claims fall within the exclusion.
CYBERATTACK COSTS INSURER MILLIONS
Nationwide mutual insurance co. and its unit Allied Property & Casualty suffered a massive data breach on Oct. 3, 2012. Sensitive information of more than 1 million people was stolen from its databases.
The breach affected both existing and potential customers in 32 states and
the District of Columbia. Social Security numbers, driver’s license numbers and
Nationwide-assigned creditworthiness scores were made available by the hackers.
Shortly after the breach, the insurer notified the customers that their
information was compromised. Nationwide offered free credit monitoring and a
$1 million identity theft insurance coverage with no deductible to those affected.
In the August 2017 hearing, state attorneys general from each state alleged
that the breach stemmed from a security lapse. Nationwide conceded that there
SCORECARD: The workers’ compensation carrier will pay death benefits to
the deceased employee’s husband.
TAKEAWAY: When injury or illness occurs on the job, employers must be
diligent in reporting the incident and recording each step taken.