Telecommunications Company Fails To Safeguard Payment Systems

ByJohn Lomicky

|

Updated onApril 11, 2019

This class action case involves customers of a telecommunications company that had their payment card data and other personally identifiable information stolen by computer hackers. It was alleged that the company failed to upgrade their payment systems to use EMV technology and failed to comply with Federal Trade Commission requirements. It was also alleged that the company failed to provide timely or adequate notice to their customers that their information was compromised. An expert in payment security was sought to opine on the Federal Trade Commission requirements applicable to such companies and how these companies can prevent theft of their customer’s payment data.

Question(s) For Expert Witness

1. What regulatory requirements exist pertaining to the types of payment technology consumer companies should be using?

2. When customer payment data is hacked, what duty does the company have, if any, to inform them of the data breach?

Expert Witness Response E-199662

inline imageI have years of experience in cybersecurity for retail and financial services companies and am very familiar with PCI-DSS, which is the most relevant regulatory requirement pertaining to consumer payment technology. If the company is breached, meaning the exposure of the customers' identifiable information, then the company is required to notify those customers that were impacted. Another common response that companies offer in these instances is to provide identity theft services to those customers for free in an attempt to minimize the potential for class action lawsuits from those impacted. I work in the cybersecurity field day-to-day and have reviewed numerous cases of this nature.

About the author

John Lomicky

John Lomicky

John Lomicky is a J.D. candidate at FSU Law with a multidisciplinary background. He earned his Bachelor's degree in Neurobiology and Near Eastern Studies from Georgetown University and has graduate degrees in International Business and Eurasian Studies. John's professional experience includes working in private equity as an Associate at Kingfish Group and in legal business development and research roles at the Expert Institute. His expertise spans managing sales teams, company expansion, and providing consultative services to legal practices in various fields.

Find an expert witness near you

What State is your case in?

What party are you representing?