CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
5/30/2025
/ Artificial Intelligence ,
CIPA ,
Class Action ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Security ,
Privacy Laws ,
Ransomware ,
State Data Privacy Laws ,
Web Tracking
With the proliferation of artificial intelligence (AI) usage over the last two years, companies are developing AI tools at an astonishing rate. When pitching their AI tools, these companies claim that their products can do...more
MGM Resorts agreed to pay $45 million to settle over a dozen class action lawsuits concerning 2019 and 2023 data breaches. A federal court in Nevada preliminarily approved the settlement, which, according to lawyers, covers...more
Lehigh Valley Health Network (LVHN) has agreed to settle a class action filed against it following a February 2023 ransomware attack that compromised personal information of patients, including medical and treatment...more
Tennessee Governor Bill Lee signed legislation on May 22, 2024, that will shield private entities from class action lawsuits stemming from a cybersecurity event unless the event was caused by willful, wanton, or gross...more
Car manufacturer General Motors (GM) is the subject of litigation in Georgia by two New Jersey Chevy Bolt drivers who allege that GM collected data about their driving habits and behavior and disclosed it to third parties,...more
While plaintiffs’ attorneys were initially focused late last year on suing health care entities for using Pixel and other tracking technology to share information about website users with social media platforms such as Meta...more
1/27/2023
/ Chick-Fil-A ,
Class Action ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data-Sharing ,
Facebook ,
Fast-Food Industry ,
Statutory Violations ,
Targeted Digital Advertising ,
Tracking Systems ,
Video Privacy Protection Act ,
Web Tracking
CYBERSECURITY -
Twilio Hit with Social Engineering Smishing Scheme -
We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user...more
8/12/2022
/ Artificial Intelligence ,
Class Action ,
Cyber Attacks ,
Data Breach ,
Drones ,
Federal Aviation Administration (FAA) ,
Hackers ,
Identity Theft ,
Information Technology ,
Personally Identifiable Information ,
Phishing Scams ,
Popular ,
Social Engineering
Kronos, Inc., has agreed to (and a federal judge has preliminarily approved) a $15.3 million settlement to resolve claims that it violated the Illinois Biometric Information Privacy Act (BIPA) by collecting biometric...more
2/25/2022
/ Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Data Privacy ,
Employer Liability Issues ,
Employment Litigation ,
Fingerprints ,
Personal Data ,
Personally Identifiable Information ,
Settlement
Illinois’s Biometric Information Privacy Act (BIPA) continues to be a problem for employers who are using biometric information such as palm readers or fingerprint timekeeping software....more
CYBERSECURITY -
T-Mobile Clarifies Facts of Security Incident in Press Release -
There has been a flurry of reporting in the past few days on the T-Mobile customer data compromise, with allegations that the compromise...more
8/24/2021
/ Baby Products ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Hackers ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Smart Devices ,
T-Mobile ,
Vulnerability Assessments
Blackbaud, which suffered a data breach of its customers’ data in a ransomware attack in 2020, in which it admitted paying the ransom in a double extortion attack, is facing multiple class action cases following the attack. ...more
CYBERSECURITY -
Tulsa, OK Refuses to Pay Ransom to Attackers -
The City of Tulsa, Oklahoma, announced on May 9, 2021, that it had been hit with a ransomware attack, but the Mayor is resolute in not paying the demanded...more
Colonial Pipeline was hit with a proposed class action suit this week by a resident of North Carolina who alleges that he had to purchase gasoline at inflated prices due to the “unlawfully deficient data security” of...more
PCS Revenue Control Systems, Inc. (PCS) was hit with a proposed class action lawsuit last week alleging that it discovered a data breach from a hacking attack in December 2019 but failed to notify the affected students until...more
CYBERSECURITY -
NYDFS -
Cybersecurity Certificate of Compliance Due April 15, 2021
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial...more
1/22/2021
/ Blockchain ,
California Consumer Privacy Act (CCPA) ,
CARES Act ,
Class Action ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Financial Services Industry ,
Hackers ,
HIPAA Breach ,
Malware ,
Marriott ,
NYDFS ,
Paycheck Protection Program (PPP) ,
Personal Data ,
Personally Identifiable Information ,
Russia ,
SolarWinds ,
Vaccinations
It is no longer a matter of if, but when companies that suffer a data breach will be sued in a class action lawsuit following a data breach. Many of those data breach cases get dismissed, as it is difficult for consumers to...more
CYBERSECURITY -
NSA + FBI Warn Defense Contractors of Russian Hackers -
When the National Security Agency (NSA) and the Federal Bureau of Investigations (FBI) get together to issue a joint warning, you may wish to listen...more
8/21/2020
/ California Consumer Privacy Act (CCPA) ,
Carnival Cruise Lines ,
Class Action ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
FBI ,
Instagram ,
NASA ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Social Media ,
TikTok ,
Vulnerability Assessments ,
YouTube
Capital One Required to Produce Forensic Report in Class Action -
As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in...more
5/31/2020
/ Artificial Intelligence ,
Automation Systems ,
Capital One ,
Class Action ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Breach ,
Data Privacy ,
Department of Defense (DOD) ,
Drones ,
Financial Services Industry ,
iPhone ,
Popular ,
Robotics ,
Toyota ,
Vulnerability Assessments
As a litigator, when responding to any security incident, thoughtful consideration is given to the possibility that the security incident may wind up in litigation, and therefore, certain decisions are made in anticipation of...more
One of the most significant consumer rights offered by the new California Consumer Privacy Act (CCPA) is what we call the “private right of action” afforded by the law. A private right of action under a law basically means...more
3/13/2020
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action ,
State and Local Government
Arizona-based Banner Health has agreed to settle for up to $6 million a class action case filed against it following a 2016 incident that compromised the personal information of 3 million individuals....more
12/13/2019
/ Class Action ,
Credit Monitoring ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Debit and Credit Card Transactions ,
Hackers ,
Personally Identifiable Information ,
PHI ,
Settlement Agreements
Another day, another suit against a brand name for allegations of violation of the Illinois Biometric Information Privacy Act (BIPA). Plaintiffs’ attorneys are having a field day filing class action lawsuits based on BIPA....more
Vimeo, Inc. was sued last week in a class action case alleging that it violated the Illinois Biometric Information Privacy Act by “collecting, storing and using Plaintiff’s and other similarly situated individuals’ biometric...more
Many readers have reached out to learn about the Capital One data breach and how it affects us. If you haven’t been watching the story unfold as closely as I have, here is a summary of what happened, what information was...more
8/1/2019
/ Capital One ,
Class Action ,
Credit Monitoring ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Hackers ,
Identity Theft ,
Personally Identifiable Information ,
Risk Management