The Trump administration has systematically fired federal privacy- and security-focused employees since taking office.
Three members of the bipartisan, independent agency, the Privacy and Civil Liberties Oversight Board...more
2/28/2025
/ Compliance ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Government Efficiency (DOGE) ,
Employees ,
FOIA ,
Government Agencies ,
Office of Personnel Management (OPM) ,
Personal Information ,
Privacy Laws ,
Privacy Policy ,
Risk Management ,
Trump Administration ,
Veterans
The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the...more
2/21/2025
/ Consumer Privacy Rights ,
Data Breach ,
Data Privacy ,
Data Security ,
Department of Education ,
Department of Government Efficiency (DOGE) ,
Department of Health and Human Services (HHS) ,
Office of Personnel Management (OPM) ,
Personally Identifiable Information ,
Privacy Laws ,
U.S. Treasury
The Cybersecurity & Infrastructure Security Agency, the Federal Bureau of Investigation, and the Multi-State Information Sharing and Analysis Center released an advisory on February 19, 2025, providing information on Ghost...more
Texas Attorney General Ken Paxton announced on February 14, 2024, that his office has opened an investigation into DeepSeek’s privacy practices. DeepSeek, an artificial intelligence company with ties to the People’s Republic...more
According to a highly critical article recently published by TechCrunch, the Department of Government Efficiency (DOGE), President Trump’s advisory board headed by Elon Musk, has “taken control of top federal departments and...more
2/14/2025
/ Artificial Intelligence ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Government Efficiency (DOGE) ,
Elon Musk ,
National Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Sensitive Personal Information ,
Trump Administration
New York, Texas, and Virginia are the first states to ban DeepSeek, the Chinese-owned generative artificial intelligence (AI) application, on state-owned devices and networks....more
2/14/2025
/ Artificial Intelligence ,
China ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Executive Orders ,
Information Technology ,
National Security ,
Popular ,
Privacy Laws ,
Social Media ,
Technology Sector
If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more
Soon after the Chinese generative artificial intelligence (AI) company DeepSeek emerged to compete with ChatGPT and Gemini, it was forced offline when “large-scale malicious attacks” targeted its servers. Speculation points...more
2/7/2025
/ Artificial Intelligence ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Machine Learning ,
National Security ,
Privacy Laws ,
Risk Management
Last year, the Illinois Judicial Conference Task Force on Artificial Intelligence (IJC) was created to develop recommendations for how the Illinois Judicial Branch should regulate and use artificial intelligence (AI) in the...more
1/31/2025
/ Artificial Intelligence ,
Data Privacy ,
Equal Protection ,
Illinois ,
Judges ,
Legal Technology ,
Machine Learning ,
Regulatory Agenda ,
Risk Management ,
Rules of Professional Conduct ,
State and Local Government
On January 22, 2025, the Federal Bureau of Investigation (FBI) and the Cybersecurity & Infrastructure Security Agency (CISA) issued a joint advisory related to previous vulnerabilities in the Ivanti Cloud Service Appliance,...more
MGM Resorts agreed to pay $45 million to settle over a dozen class action lawsuits concerning 2019 and 2023 data breaches. A federal court in Nevada preliminarily approved the settlement, which, according to lawyers, covers...more
We have repeatedly warned our readers about malicious QR codes and their use by threat actors.
Threat actors are now using these codes to disguise packages as gifts....more
1/30/2025
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Fraud ,
Identity Theft ,
Personal Data ,
Personal Information ,
Scams
In its continued concentration on the collection and use of consumers’ precise geolocation, on January 16, 2024, the Federal Trade Commission (FTC) settled with General Motors (GM) over allegations that it collected, used,...more
Despite bipartisan support for banning TikTok – essentially spyware presenting a national security threat from the People’s Republic of China (PRC) – in the United States (as done by India) and the Supreme Court’s upholding...more
1/24/2025
/ China ,
Data Privacy ,
Executive Orders ,
Free Speech ,
Mobile Apps ,
National Security ,
Privacy Laws ,
SCOTUS ,
Sensitive Personal Information ,
Social Media ,
Spyware ,
TikTok ,
Trump Administration
This week, I received a fake text message (a smish) saying my E-ZPass account was overdue and that I urgently needed to pay it. That’s a new one and, apparently, quite effective. Luckily, I knew it was a scam, but others were...more
American Addiction Centers (AAC) has notified 422,424 individuals that their personal information was stolen in a cyber-attack attributed to the Rhysida criminal organization. The incident was discovered on September 26,...more
We previously reported that Ascension Health detected a cyber-attack on May 8, 2024, that affected clinical operations in Ascension facilities in six states....more
The Federal Trade Commission (FTC) has been on a mission to get the message across that it is serious about companies collecting, using, and selling sensitive location data of consumers and that it is closely watching these...more
Connecticut Attorney General William Tong announced on October 21, 2024, that his office has settled a data breach case against Guardian Analytics, Inc. for $500,000. The data breach affected the personal information of...more
10/25/2024
/ Cybersecurity ,
Cybersecurity Framework ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Incident Response Plans ,
Personally Identifiable Information ,
Risk Assessment ,
Settlement
As a Rhode Islander, I am a big fan of our former Governor and now Secretary of Commerce, Gina Raimondo. She has always had her eye on the ball of the rapidly developing data privacy and cybersecurity risks and threats to...more
The National Institute of Standards and Technology (NIST) has issued helpful recommendations for consumers to consider when securing home routers. The publication, issued on September 10, 2024, emphasizes how important it is...more
HealthEquity, an administrator of workplace benefits for more than 15 million people, is notifying 4.3 million individuals, starting on August 9, 2024, that their personal information was compromised. The compromised data...more
On July 10, 2024, the U.S. District Court for the Eastern District of Wisconsin granted plaintiffs’ Motion for Final Approval of a $12.2 million proposed settlement by Advocate Aurora Health to settle allegations against the...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
7/12/2024
/ Consent ,
Consumer Privacy Rights ,
COPPA ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Notification Requirements ,
Personal Data ,
Privacy Policy ,
Rhode Island ,
State Privacy Laws
Verizon’s 2024 Data Breach Report, a must-read publication, was published on May 1, 2024. The report indicates that “Over the past 10 years, the use of stolen credentials has appeared in almost one-third (31%) of all...more