When Your Vendor’s Breach Becomes Your Lawsuit: Privacy Risk Lessons from Recent Bank Litigation

The excerpt describes a recent high-profile data security incident at a third-party service provider that led to putative nationwide class actions against the affected bank. It highlights the legal and regulatory exposure financial institutions face from vendor-driven breaches and urges renewed focus on vendor risk management, litigation risk, and compliance with the Gramm-Leach-Bliley Act and state privacy/data-security laws.