b'TABLE OF CONTENTSLandrys, Inc. v. Insurance Co. of thecourt also held that the data breach action arose State of Pennsylvania Potentiallybecause of Landrys breach of contract with the Expanded the Scope of Coverage forcredit card processor, not from a violation of the privacy rights of individuals.Cybersecurity IncidentsThe Fifth Circuit reversed, holding that The Fifth Circuit held in Landrys, Inc. v. Insurancepublication should be interpreted broadly and Co. of the State of Pennsylvania that an insurerthat the alleged injury arose from the violation of had a duty to defend an insured in data breachcustomers right of privacy. First, the Fifth Circuit litigation because the litigation sought, as requiredreasoned that the policy language stated to trigger the duty, damages arising out of . . . [the]publication, in any manner, signifying the parties [o]ral or written publication, in any manner, ofintent to use a broad definition of publication.As material that violates a persons right of privacy.Insuch, the court held that publication, in any so holding, the Fifth Circuit imposed the duty in amanner, included the manners of publication that case where the claims were not brought bywould establish the tort of defamation, so merely individuals whose information was compromised intransmitting information or making something the breach, but rather by an entity who had aknown would suffice as publication.contractual obligation to reimburse affected individuals for their breach-related losses. Second, the Fifth Circuit held that the credit card processors action against Landry involved an A credit card processor sued Landry for lossesinjury arising out of the violation of a persons resulting from a hack of Landrys credit cardright of privacy.The court said that it need not processing devices, namely payments the credittarry long on this phrase because its undisputed card processor had to make to individuals whothat a person has a right of privacy in his or her suffered losses from having their credit card datacredit card data and that hackers theft of credit-stolen in the hack. The credit card processorcard data and use of that data to make fraudulent alleged that the breach resulted because Landrypurchases constitute violations of consumers had violated contractually imposed credit cardprivacy rights.Then, rejecting Landrys argument rules and security guidelines. Landry, in turn suedthat the coverage provision should be limited to its insurer, the Insurance Company of the State oftort claims brought by individuals who had their Pennsylvania (ICSOP), alleging that ICSOP owedcredit card data hack and thus not extended to a duty to defend Landry in the data breach actioncontract claims based on the breach, the court brought by the card processor. Landrys policyrefused to distinguish between contract and tort contained an advertising injury provision thatactions. The type of legal claim asserted does not required ICSOP to defend Landry for damageschange the duty to defend, the court reasoned, as arising out of publication, in any manner oflong as the claim arises from the violation of a material violating a persons right of privacy. Thecustomers privacy right in their credit-card data.district court held that a third-party hack and theft did not qualify as a publication.The district MAYER BROWN |161'