We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
According to an AT&T spokesperson, this is not accurate. Social Security Numbers and Dates of Birth were already available in plain text in the original compromised dataset from 2024 (in separate files that could be...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
Last week, a class action was filed against NewsBank, Inc., a Florida-based news database company, related to a 2024 breach of employee personal information. NewsBank provides a database of archived news publications...more
We have repeatedly warned our readers about malicious QR codes and their use by threat actors. Threat actors are now using these codes to disguise packages as gifts....more
On December 21, 2024, while many Americans were busy signing holiday cards and exchanging gifts, New York Governor Kathy Hochul was signing six significant pieces of legislation aimed at enhancing online safety and...more
Class actions arising from data breach represented the fastest growing segment of class action filings. In 2023, more than 2000 class actions were filed, more than triple the amount filed in 2022. These cases were filed in...more
Each of the 50 states has its own definition of what constitutes a reportable data breach. For some, it requires “unauthorized access” to personal information. For others, it requires “unauthorized acquisition.” And then,...more
CYBERSECURITY - New York Governor Proposes Cybersecurity Regulations for NY Hospitals - On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within...more
CYBERSECURITY - Joint Commission Issues Alert on Patient Safety After a Cyber-Attack - On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,”...more
Judge Jeffrey White of the Northern District of California recently dismissed a putative class action lawsuit in which plaintiffs claimed they faced an imminent threat of future of harm in the form of identity theft and fraud...more
A 34-page class action was filed against Blackhawk Network for a data breach that occurred on MyPrepaidCenter.com in September of this year. The plaintiffs allege that Blackhawk Network’s failure to prevent or detect this...more
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
ACTS Retirement Services, Inc. (ACTS), a non-profit corporation that manages retirement communities, suffered a data breach in April 2022, which led to unauthorized access to thousands of current and former employees’...more
Over the years, there have been very few class certification rulings in actions arising from data breach incidents. Of those that have been published, most have favored the defense....more
CYBERSECURITY - Intelligence Points to Likely Russian Attacks on Critical Infrastructure - The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
New York recently passed legislation to amend the definition of elder abuse to include identity theft. This is important as an acknowledgement of the seriousness of the problem of identity theft involving the elderly, and the...more
Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more
In April 2021, the Second Circuit issued a decision recognizing an increased risk of future, unrealized identity theft or fraud as a basis for establishing Article III standing. Background - The case, McMorris v. Carlos...more
Equifax has agreed to pay $575 million to settle consumer as well as state and federal regulatory claims for its 2017 data breach. This is the largest data breach settlement to date. ...more
An amendment to New Jersey’s data breach notification requirements of the Consumer Fraud Act is currently awaiting signature by State Governor Phil Murphy. The bill, Assembly No. 3245, was recently passed by both the New...more
Although the Massachusetts Data Security Regulations went into effect March 1, 2010, I still find that many companies have not implemented a Written Information Security Program (WISP) and don’t know that they are required to...more
The Pennsylvania Supreme Court recently held that employers have “a legal duty to safeguard” the personal data of their employees which is stored on internet-accessible computer systems and that the economic loss doctrine...more
The Pennsylvania Supreme Court has drastically changed the data breach litigation landscape by holding that an employer has a common law duty to use reasonable care to safeguard its employees' personal information stored on...more
A circuit split on whether actual misuse of personal data is required to have standing to assert data breach claims remains unresolved. Last week the Supreme Court rejected a petition to review that issue in CareFirst v....more
A bi-partisan privacy and data security bill, which will significantly impact companies with North Carolina employees, is in the works. North Carolina State Representative Jason Saine (R), Appropriations Chairman of...more