No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
Selected U.S. Privacy & Cyber Updates - DOJ Settles False Claims Act Case with MORSECORP over Cybersecurity Program - On March 26, 2025, the U.S. Department of Justice (DOJ) announced that it had reached an agreement with...more
Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
2024 was a record-breaking year for the wrong reasons, as it unfortunately involved the largest and most destructive data breaches. These data breaches affected companies of all sizes and in every sector, costing the United...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
Ethical hackers are becoming crucial allies in the battle against healthcare data breaches and ransomware attacks. In the twelfth episode of Sheppard Mullin’s Health-e Law Podcast, Ilona Cohen, Chief Legal Officer and Chief...more
On July 19, Change Healthcare Ince. filed a breach report with HHS Office for Civil Rights (OCR) concerning its mammoth ransomware attack and breach. The organization’s breach report to OCR identifies just 500 individuals as...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more
Organizations typically deal with ransomware attacks out of the public eye, but the massive scale of United Healthcare Group’s (UHG) February breach made that an impossibility. UHG CEO Andrew Witty was recently on the hot...more
The Change Healthcare ransomware attack presents potentially significant ramifications for hospitals, health systems, pharmacies and others that rely on the organization’s tools for healthcare payment, revenue cycle...more
The Current Status of Privacy Laws Across the United States - Unlike the General Data Protection Regulation (GDPR) in the European Union (EU), the United States does not have a nationwide comprehensive data privacy law....more
In a recent letter to the UK law society, the UK Information Commissioner’s Office and the National Cyber Security Centre have provided lawyers with advice about ransomware payments...more
Selected Developments in U.S. Law - U.S. Department of Commerce Announces the Establishment of a Global CBPR Forum On April 21, 2022, Canada, Japan, South Korea, the Philippines, Singapore, Taiwan, and the United States...more
Welcome to FP Forecast, a monthly outlook featuring Fisher Phillips thought leaders providing their insights into what employers can expect in 2022 and beyond. By following along each month, you’ll be in the best position to...more
In the past 5 years businesses felt the increasingly intricate data management rules (GDPR, CCPA, BIPA) pressed against an explosion in hacking and ransomware. Companies experience pressure from legislators, regulators,...more
As 2021 comes to a close, this article recounts some of the biggest trends in data privacy and cybersecurity from the past year and looks ahead at what we anticipate will come to workplaces in 2022. Employers across the...more
Best Practices for the Virginia Consumer Data Protection Act - The Virginia Consumer Data Protection Act (VCDA) Working Group of the Joint Commission on Technology and Science released its final report on best practices...more
Blackbaud Breach - In the early months of 2020, cybercriminals orchestrated a ransomware attack on Blackbaud Inc., a cloud software company headquartered in Charleston, South Carolina that provides data collection and...more
The transformation to a work from home/work from anywhere model has become the new normal and even after the pandemic ends, many expect that model to continue. This accelerated transition has forced companies to embrace...more
While still in its relative infancy, privacy law has quickly become a turbulent teenager, with constant change around the world. At a minimum, 2021 will require meaningful efforts to implement the changes of 2020, with a...more
COVID-19 has had a dramatic impact on nearly all aspects of organizations nationwide – from employee safety to reimagined workplaces to financial hardships. But cyber protection and response during the pandemic cannot take a...more
In this edition of our Privacy and Cybersecurity Update, we take a look at the Trump administration's executive order outlining its cybersecurity plans, Acting FTC Chairwoman Maureen Ohlhausen's comments on the possible...more