Latest Posts › Data Security

Share:

Why Dumping Sensitive Data on Network Shares is a Liability

Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents,...more

Adidas and UChicago Sued Over Data Breaches Caused by Third-Party Vendors

What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors....more

Data Privacy + Cybersecurity Insider - May 2025

CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more

Clock Ticking: DOJ’s New Data Security Rule Requires Compliance by July 8

U.S. companies are running out of time to comply with a sweeping new Department of Justice (DOJ) rule that limits sharing sensitive personal data with certain foreign countries—including China, Russia, and Iran. With a hard...more

Ethical Hacker Uncovers Vulnerability in Subaru Starlink Service

Ethical hackers identified an arbitrary account takeover flaw in the administrator portal for Subaru’s Starlink service, which could allow a threat actor to hijack a vehicle through a Subaru employee account. This...more

FTC Announces Updates to COPPA Rule

On January 16, 2025, the Federal Trade Commission (FTC) issued a press release stating, “The updated [Children’s Online Privacy Protection Act (COPPA)] rule strengthens key protections for kids’ privacy online. By requiring...more

Privacy Tip #427 – Ahead of the TikTok Ban, Users are Turning to Another Chinese App with Similar Privacy Concerns – What you...

TikTok users are seeking alternate platforms to share and view content as the U.S. is set to ban the popular social media app on January 19, 2025. Instead of turning to U.S.-based companies like Facebook or Instagram, users...more

What to Know About the HHS HIPAA Security Standards Proposal

At the close of 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) issued a Notice of Proposed Rulemaking (the Proposed Rule) to amend the Security Rule regulations established...more

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more

CFPB Issues Proposed Rule to Restrict Data Brokers’ Use of Data

The Consumer Financial Protection Bureau (CFPB) announced this week that it intends to increase the scrutiny on data brokers to better protect service members, law enforcement officials, domestic violence victims, senior...more

Increased Privacy Enforcement Actions Anticipated Under Texas Privacy Law

While California was the first state to implement a comprehensive consumer privacy rights law and the first to bring an enforcement action for violations, Texas is quickly becoming the next privacy regulator to watch. The...more

Oak Valley Hospital Reaches Settlement in Class Action over Data Breach

Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more

Precious-Metal Refiner Hit with Data Breach Class Action over 2023 Cyber-Attack

Elemetal LLC faces a data breach class action resulting from its alleged failure to implement appropriate security measures, which led to a 2023 breach of approximately 13,000 customers’ personal information. Elemetal is a...more

Marriott and Starwood Settle on Consent Agreement with FTC for Data Breaches

This week, Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC (collectively, Marriott) agreed to settle on the terms of a settlement order with the Federal Trade Commission (FTC) for its...more

CPPA’s Cooperation with International Data Protection Authorities

Across Europe and other countries, there are numerous data protection authorities with differing goals and enforcement powers. Until 2020, when the California Privacy Rights Act (which amended the California Consumer Privacy...more

Labor Union Faces Class Action for Data Breach

A class action complaint was filed against the International Brotherhood of Electrical Workers (IBEW) labor union for a data breach that occurred between March 31 and April 5, 2024. IBEW represents individuals who work in a...more

CDK Car Dealership Software Breached, Lawsuits Filed

Last month, multiple car dealerships and auto repair shops filed federal lawsuits against CDK Global LLC, a technology company providing software to the automotive, heavy truck, recreation, and heavy equipment industries, as...more

Data Privacy + Cybersecurity Insider - May 2024 #4

CYBERSECURITY - CISA Issues Advisory on Black Basta Ransomware - On May 10, 2024, CISA, along with the FBI, HHS, and MS-ISAC, issued a joint Cybersecurity Advisory relating to Black Basta ransomware affiliates “that...more

Data Privacy + Cybersecurity Insider - May 2024 #3

CYBERSECURITY - Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks - The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more

Data Privacy + Cybersecurity Insider - May 2024 #2

CYBERSECURITY - Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks - The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more

Data Privacy + Cybersecurity Insider - April 2024

CYBERSECURITY HC3 Warns Health Sector About Social Engineering Attacks Against IT Help Desks - The Health Sector Cybersecurity Coordination Center (HC3) recently issued an Alert warning that “threat actors employing...more

Convergent Outsourcing Settles Data Breach Class Action for $2.45 Million

Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged...more

Update on Connecticut’s Consumer Privacy Law: How Has it Been Enforced?

The Connecticut Data Privacy Act (CDPA), which became effective on July 1, 2023, provides Connecticut residents with certain rights over their personal information and establishes responsibilities and privacy protection...more

Data Privacy + Cybersecurity Insider - February 2024

CYBERSECURITY CISOs: New Report Outlines Risks of LLMs - I hang out with a lot of Chief Information Security Officers (CISOs), so this piece is for them. Of course, it will be of interest to all security professionals...more

Data Privacy + Cybersecurity Insider - January 2024 #4

CYBERSECURITY - Mozilla Releases Security Updates for Thunderbird and Firefox - Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more

92 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide