We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
The FBI issued a warning on June 27, 2025, that criminals impersonating healthcare insurers and fraud investigators are sending text messages and emails to healthcare providers and patients to trick them into providing...more
We previously reported that Ascension Health detected a cyber-attack on May 8, 2024, that affected clinical operations in Ascension facilities in six states....more
Earlier this month, a federal grand jury returned an indictment charging a Chinese national and another individual as part of an extremely sophisticated hacking group operating in China that targeted large businesses in the...more
Anthem, Inc., the country’s second largest insurer has agreed to pay $16 million to the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) and take corrective action to settle potential violations...more
On October 15, 2018, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced that Anthem, Inc. will pay $16 million to settle OCR’s investigation of its potential violations of the Health...more
Toyota Industries North America (TINA) has discovered that a hacker was able to access its corporate email system, compromising the personal and protected health information of approximately 19,000 individuals, apparently...more
Earlier this week, the Supreme Court of the United States denied certiorari in CareFirst v. Attias, a closely watched case that some thought provided the Court with an opportunity to clarify the standing analysis under Spokeo...more
Counsel hoping for Supreme Court guidance on standing issues dividing the circuit courts will have to wait a bit longer. On February 20, the Court denied a petition for writ of certiorari in Attias v. CareFirst to resolve a...more
In October 2017, healthcare insurer, CareFirst, petitioned the United States Supreme Court, requesting the Court to clarify the constitutional standing requirement for plaintiffs seeking to bring claims regarding their...more
At its first conference this month, the U.S. Supreme Court will consider whether to weigh in on a Circuit split over standing to sue in the aftermath of a data breach. ...more
Blue Cross Blue Shield of Florida (Florida Blue) has announced that 475 applications for insurance were backed up to the cloud, on an unsecured cloud server, by an unaffiliated agent of Real Time Health Quotes, and exposed...more
As 2017 draws to a close, data breach class actions abound, while questions regarding what suffices for Article III standing in these cases remain—with litigants hoping the Supreme Court will soon weigh in....more
In a significant ruling addressing the scope of the attorney-client privilege and work product doctrine in a data breach case, a Federal judge in Oregon ordered Premera Blue Cross, the Washington-based healthcare services...more
In the latest sign that data breach class actions are here to stay—and, indeed, growing—the D.C. Circuit resuscitated claims against health insurer CareFirst BlueCross and Blue Shield, following a 2015 breach that compromised...more
Recently, the D.C. Circuit Court of Appeals ruled in Attias v. CareFirst, Inc., No. 16-7108, that customers had standing to sue a health insurer for a 2014 data breach in which the customers’ information was stolen. ...more
The U.S. Court of Appeals for the D.C. Circuit has held that allegations of a heightened risk of future identity theft resulting from a data breach established a concrete injury at the pleading stage....more
We have previously reported on the evolving circuit split over standing in data breach class actions. On August 1st, a three judge panel for the District of Columbia Circuit became the latest to weigh in on the issue. In...more
A federal appeals court earlier this week dealt a blow to healthcare insurer CareFirst, Inc., concluding that a group of customers have the right to pursue a class action data breach lawsuit based on a 2014 cyberattack....more
The U.S. Court of Appeals for the D.C. Circuit has reinstated a data breach class action filed against CareFirst BlueCross BlueShield (CareFirst). The lawsuit stems from a June 2014 data breach in which hackers infiltrated 22...more
Newkirk Products Inc., which provides ID cards and management services for healthcare organizations, including multiple Blue Cross Blue Shield organizations, has announced that it has discovered that its computer system was...more
The latest development in how American courts will handle the standing question for data breach class actions came last week when the U.S. District Court for the District of Columbia dismissed for lack of standing a putative...more
The United States District Court of Maryland recently dismissed a putative class action alleging that CareFirst’s failure to adequately secure the computer hardware storing their customers’ personal information led to two...more
Excellus Blue Cross Blue Shield (Excellus) was hit with another proposed class action suit late last week. The case, filed by a New York woman, accuses Excellus BlueCross BlueShield of failing to prevent a massive data...more
Almost all U.S. states and territories have enacted breach notification laws requiring private and/or government entities to notify individuals when their personal information is compromised....more
Yesterday, Excellus Blue Cross Blue Shield, located in Rochester, NY, announced that it will notify up to 10 million members that it was the victim of a cyber-attack dating back to December of 2013 that exposed their members’...more