September 28, 2021

Volume XI, Number 271

Advertisement

September 28, 2021

Subscribe to Latest Legal News and Analysis

September 27, 2021

Subscribe to Latest Legal News and Analysis

Brews, Booze, and Data Breaches

Friday afternoon, news sources reported that Molson Coors Beverage Company notified the Securities and Exchange Commission about an ongoing data breach that had delayed and disrupted, "the Company's business, including its brewery operations, production, and shipments."

This follows a series of hacks through the Microsoft Email Exchange software, and after the Campari Group fell victim to a data breach last November.

It is becoming increasingly clear that American companies of all sizes and industries are targets for (and vulnerable to) this kind of cybersecurity hacking, both directly and through vendors. And beverage companies have been no exception to this trend. The all-in business and legal costs associated with such breaches regularly reach into the millions of dollars according to the Ponemon Institute's most recent study.

The Institute also found that planning and protective steps on the front end by businesses can dramatically reduce these costs. Proactively planning for these risks can also help minimize the possibility of a breach and avoid the potential double victimization of a data breach: first by the breach itself, and then the legal liability, compliance costs, and regulatory enforcement actions. And as the Molson Coors filing makes clear, when one of these breaches comes to fruition—and it's increasingly a "when" rather than an "if"—there are real problems with business operations that can result. These breaches, and the related costs, are yet another illustration of the need for all businesses to include cybersecurity and privacy compliance as part of their risk management strategy.  Currently, all states have data breach notification statutes, and many states require businesses—even small businesses— to provide a certain level of protection to personal data.

© 2021 Ward and Smith, P.A.. All Rights Reserved.National Law Review, Volume XI, Number 76
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement
Advertisement

About this Author

Angela doughty, Ward and Smith, IP Attorney
Trademark Specialist

Angela leads the firm's Intellectual Property practice and is a North Carolina State Bar Board Certified Specialist in Trademark Law.  She routinely counsels and assists clients with identifying, protecting, and enforcing their U.S. and international intellectual property rights; anti-counterfeiting and U.S. Customs matters; Internet and domain law issues, including proceedings before the National Arbitration Forum and World Intellectual Property Organization; website terms of use and privacy policies; branding and franchising agreements; software development and...

252-672-5471
Peter N. McClelland Cybersecurity Attorney Ward and Smith
Attorney

Peter is an attorney and a Certified Information Privacy Professional/US (CIPP/US) who assists clients in a range of privacy, data security, cyber supply chain and technology matters.

He regularly counsels on the legal requirements and risks associated with the collection, storage, transfer, use, protection, and disposal of data. Businesses and individuals rely on his privacy and data security expertise for structuring and operationalizing privacy compliance programs, data breach response and planning, contract and vendor management, and...

919-277-9157
Advertisement
Advertisement
Advertisement