b'Ninth CircuitEckert v. Paypal Holdings, Inc., Case No.showed that defendants knew of the magnitude of the 19-16869, 831 Fed. Appx. 366 (9th Cir.data breach when the November 2017 statement was Dec. 17, 2020)made. The court further found that the weakness of Customer Data Security Breach any inference of scienter was underscored by the lack of any obvious incentive to mislead, explaining there PayPal Holdings, Inc. operates an online paymentswas no allegation of motive (e.g., no stock sales) or any system that supports money transfers and serves as anexplanation of what benefit defendants hoped to gain electronic alternative to traditional payments methods,by delay disclosure of the full scope of the breach by such as checks and money orders. On November 10,three weeks.2017, PayPal announced that TIO Networks (TIO),Plaintiffs appealed the dismissal to the U.S. Court of a bill-pay management company it acquired a fewAppeals for the Ninth Circuit, which affirmed the district months earlier, suspended operations to protect TIOscourts decision. Specifically, the Ninth Circuit rejected customers from vulnerabilities on the TIO platform andplaintiffs contention that they pled scienter by alleging issues with TIOs security platform. On December 1,that the defendant knew, in November 2017, that PayPal 2017, the companies announced that a breach of TIOshad discovered an actual security breach, not just security systems occurred and that confidential informationvulnerabilities. The court explained that the defendant of 1.6 million users was potentially compromised. Thepublicly disclosed at that time that the issue was serious following trading day, December 4, 2017, PayPals shareenough to merit suspending TIOs operations entirely. price dropped 5.75%, closing at $70.97. Under such circumstances, we cannot conclude that Investors filed a class action lawsuit on DecemberPlaintiffs have shown a cogent and compelling inference 6, 2017, asserting violations of Sections 10(b), 20(a)that the defendants November announcement was and Rule 10b-5 of the 1934 Act by the companyintentionally misleading or so obviously misleading that and certain of its officers, on the basis that thehe must have been aware of its potential to mislead. The November 2017 press release was allegedly false andNinth Circuit also concurred with the district court that the misleading because PayPal and TIO did not merelylack of scienter was underscored by plaintiffs failure to discover a vulnerability, but in reality discoveredallege any stock sales by defendants during the relevant an actual data breach. After defendants moved totime period or a motive to mislead investors in November dismiss plaintiffs consolidated amended complaint,but not in December.and the court granted that motion, plaintiffs filed a second amended complaint. Defendants againStoyas v. Toshiba Corp., Case No. moved to dismiss. Although the court determined,15-cv-04194 DDP, 424 F. Supp. 3d 821 that plaintiffs adequately pled falsity of the November announcements because [t]his disclosure could(C.D. Cal. Jan. 1, 2020) plausibly have created an impression that only aFalse Profit Reportspotential vulnerability and not an actual breachToshiba Corporation is a Tokyo-based corporation had been discovered, and a vulnerability differsthat develops, manufactures, and sells a broad range considerably from a breach that actually threatens theof electronic and energy products and services such privacy of 1.6 million users, it dismissed the secondas semiconductors, computers, appliances, nuclear amended complaint, with prejudice, on the groundpower plants, and medical equipment. On September that plaintiffs failed to plead a strong inference of7, 2015, Toshiba restated six years of financial results scienter. The court held that plaintiffs allegations wereadmitting substantial institutional fraud related to its insufficient because none of the purported statements 10'