In the past if hackers stole your information the bank took over responsibility. But two recent court cases are muddying that water.  The gist of it is that if you did not take enough precautions to keep your information safe you as a business may be on the hook.  What is not clear is what are appropriate precautions?  I have been victim to a virus lately that was a bear to remove and I have a full IT department behind me.  What’s a small business supposed to do?

Who bears online fraud burden?