Security & Fraud

Trustwave Sued For Breach Investigation 'Failure'


Data protection and security company Trustwave is being sued by Affinity Gaming for allegedly being unable to mitigate a cyberattack that negatively impacted its business, ZDNet reported Monday (Jan. 18).

The cybersecurity firm was hired by Affinity Gaming after the casino operator fell victim to a data breach that compromised the personal information of nearly 300,000 Affinity customers. The lawsuit accuses Trustwave of allowing another cyberattack to take place while it was charged with investigating and containing the impact of the initial breach. Rather than identifying the threat, Affinity Gaming said the cybersecurity company missed the attack and said all threats were neutralized.

"Shortly after Trustwave's engagement ended and after Trustwave had promised that the data breach had been 'contained' and the suspected backdoor(s) 'inert,' Affinity Gaming learned that its data systems still were compromised," the documents outlining the lawsuit stated.

The documentation goes on to state that a probe into the security breach by Ernst & Young in 2014 resulted in the identification of suspicious ongoing activity from a malware program that Trustwave said it addressed during its investigation in 2013.

“This litigation demonstrates that as the law of data privacy and security continues its lightning-fast evolution, so does litigation in this area,” Joseph DeMarco, a data privacy lawyer who is not involved in the case, told Financial Times, adding that the standards to which cybersecurity companies are held are rapidly changing. “I expect to see more of these cases as more and more breaches are investigated, sometimes in ways that the victim is not satisfied with."

Affinity used $1.2 million of its $5 million cyberinsurance policy in order to address the security breach, but the company is only seeking $100,000 in damages in its litigation against Trustwave, ZDNet confirmed.

Trustwave continues to deny any fault or wrongdoing in the matter, stating: "We dispute and disagree with the allegations in the lawsuit, and we will defend ourselves vigorously in court.”



New forms of alternative credit and point-of-sale (POS) lending options like ‘buy now, pay later’ (BNPL) leverage the growing influence of payments choice on customer loyalty. Nearly 60 percent of consumers say such digital options now influence where and how they shop—especially touchless payments and robust, well-crafted ecommerce checkouts—so, merchants have a clear mandate: understand what has changed and adjust accordingly. Join PYMNTS CEO Karen Webster together with PayPal’s Greg Lisiewski, BigCommerce’s Mark Rosales, and Adore Me’s Camille Kress as they spotlight key findings from the new PYMNTS-PayPal study, “How We Shop” and map out faster, better pathways to a stronger recovery.