Pub. 13 2018-2019 Issue 1

WWW.NEBANKERS.ORG 12 COUNSELOR’S CORNER DEATH, TAXES & DATA BREACHES Jacob Tewes, Kutak Rock LLP O N OCTOBER 20, 2017, THE FEDERAL TRADE COMMISSION issued its final complaint, decision, and order against TaxSlayer LLC, alleging it had violated the Gramm- Leach-Bliley Act (GLBA) privacy and security rules. 1 TaxSlayer fell victim to a type of attack known as list validation, inwhich hackers tried to enter credentials stolen fromother sites in order to steal their owners’ personal and financial information. TaxSlayer was not a bank, but this enforcement action has several important implications for companies across the fi- nancial sector. This is especially apparent in light of the trends in data breaches among the financial sector in 2017. After many years at the frontlines of this cyber fight with targets firmly affixed to their backs, we’d expect few banks to make such obvious mistakes as TaxSlayer. Banks must retain the