No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
Life With GDPR: Critical Perspectives on Big Law Firm Cybersecurity
What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors....more
On May 5, the OIG for the Fed authored a report with several recommendations for the CFPB following a major security incident regarding confidential supervisory information (CSI). The OIG issued four findings with seven...more
Threat actors are leveraging the publicity around AI tools to trick users into downloading the malware known as Noodlophile through social media sites. Researchers from Morphisec have observed threat actors, believed to...more
23andMe’s recent Chapter 11 bankruptcy filing has sparked significant concerns over the privacy and security of genetic data belonging to its 15 million customers. Founded in 2006, 23andMe built its business around...more
The New York Attorney General recently entered into an assurance of discontinuance with Root Insurance Company following a 2021 data incident. According to the AG, the threat actors obtained people’s drivers’ license numbers...more
HaveIBeenPwned is a website that allows users to check whether their data has been involved in data breaches. The website’s creator, Troy Hunt, was the subject of a phishing attack earlier this week....more
I am not sure what the rush was to make the JFK assassination files available, but the perceived urgency caused Social Security numbers of individuals involved in the investigation to be released to the public. Although The...more
New York AG Letitia James settled with Root Insurance Company to resolve allegations that the company’s data security deficiencies led to a 2021 data breach involving 72,000 people, in violation of state consumer protection...more
On March 1, New York State Attorney General Letitia James filed a complaint in the Supreme Court of the State of New York against a group of insurance companies and a parent corporation. The complaint alleged these companies...more
In data breach litigation, courts generally find plaintiffs have standing such that their complaints may proceed past the pleading stage when it is alleged that sensitive information was impacted and there is an allegation of...more
Last week, two separate class actions were filed in the federal district court for the Southern District of Texas against DISA Global Solutions (DISA), a third-party employment screening services provider, related to an April...more
Taxpayer confidentiality isn’t just a legal technicality—it’s a fundamental pillar of trust in the U.S. tax system. Federal law is designed to ensure that individuals and businesses can comply with tax obligations without...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
In April 2024, the IRS sent notices informing more than 70,000 taxpayers that their tax and personal data had been stolen in 2019 by a former IRS contractor, Charles Littlejohn. Littlejohn not only stole the data of hundreds...more
Marriott has agreed to pay $52 million dollars and implement new consumer data protections to settle investigations by attorneys general from 49 states and the Federal Trade Commission, following data breaches that occurred...more
On Jan. 24, the Illinois Supreme Court, in Petta v. Christie Business Holdings Company, PC, affirmed the dismissal of a putative class action following an alleged data breach because the named plaintiff failed to allege any...more
We have repeatedly warned our readers about malicious QR codes and their use by threat actors. Threat actors are now using these codes to disguise packages as gifts....more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
Insider threats continue to present a significant challenge for organizations of all sizes. One particularly concerning scenario involves employees who leave an organization and impermissibly take or download sensitive...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
In late December 2024, the New York Governor signed two bills (S2659B and S2376B) amending the state’s data breach notification law (N.Y. Gen. Bus. Law § 899-aa), to expand the definition of reportable personal information...more
As 2024 came to a close, New York Gov. Hochul signed two bills (A8872A and S2376B) amending New York’s data breach law. The modifications change both what constitutes personal information under the law, as well as modifying...more
We previously reported that Ascension Health detected a cyber-attack on May 8, 2024, that affected clinical operations in Ascension facilities in six states....more
On December 21, 2024, while many Americans were busy signing holiday cards and exchanging gifts, New York Governor Kathy Hochul was signing six significant pieces of legislation aimed at enhancing online safety and...more