Our company experienced a cybersecurity incident. It seemed pretty minor — just a few suspicious emails and an employee’s account being locked. To my dismay, we’re now hearing from our IT team that the issue is more serious....more
On February 4, the Office of the Minnesota Attorney General (AG) released its second Report on Emerging Technology and Its Effect on Youth Well-Being, outlining the effects young Minnesota residents allegedly experience from...more
2/27/2025
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Data Privacy ,
Data Security ,
Emerging Technologies ,
Innovative Technology ,
Machine Learning ,
Minors ,
Online Safety for Children ,
Social Media ,
State Attorneys General
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
12/9/2024
/ Class Action ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Movie Theaters ,
Penalties ,
Personally Identifiable Information ,
Settlement ,
State Attorneys General
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
“Dear Mary” is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related — data breaches, forensic investigations, how to...more
Each of the 50 states has its own definition of what constitutes a reportable data breach. For some, it requires “unauthorized access” to personal information. For others, it requires “unauthorized acquisition.” And then,...more
7/25/2024
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Theft ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Unauthorized Access
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
Massachusetts Attorney General (AG) Andrea Joy Campbell issued an advisory to provide guidance on how state consumer protection, anti-discrimination, and data security laws apply to artificial intelligence (AI). The advisory...more
In the latest episode of Regulatory Oversight, Troutman Pepper Partner Judy Jagdmann and Counsel Gene Fishel are joined by Sam Kaplan, assistant general counsel for public policy for Palo Alto Networks. They engage in an...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
2/19/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Investigations ,
NIST ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Oversight ,
Regulatory Reform ,
Regulatory Requirements ,
Settlement
On January 16, New Jersey Governor Phil Murphy signed S332 (the act), making New Jersey the first state in 2024 to enact a comprehensive privacy law. Several other states are currently considering similar comprehensive...more
1/26/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Information Technology ,
New Jersey ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Reform ,
State Data Privacy Laws
It is indeed a tangled regulatory web woven to potentially trap an organization in the wake of a data incident. Navigating this web can involve significant resources, time, and stress. As we discussed in part two of this...more
12/13/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Oversight ,
State Attorneys General
On October 17, 52 state and territorial attorneys general, in addition to state money transmission regulators, entered into settlements amounting to more than $20 million with ACI Worldwide (ACI), to resolve claims involving...more
10/20/2023
/ Data Breach ,
Data Privacy ,
Data Security ,
Financial Institutions ,
Financial Services Industry ,
Insufficient Funds ,
Money Transmitter ,
Mortgages ,
Payment Processors ,
Settlement ,
State Attorneys General ,
State Regulators ,
Third Party Payments ,
Unauthorized Transactions
Rutters, a prominent grocery chain in Pennsylvania with 80 locations statewide, settled a data breach investigation with Attorney General (AG) Michelle Henry’s office by agreeing to pay $1 million and to implement certain...more
10/19/2023
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Grocery Stores ,
Pennsylvania ,
Personal Information ,
Regulatory Oversight ,
State Data Breach Notification Statutes ,
State Data Privacy Laws
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach.
Originally published in Reuters -August 24, 2023...more
8/25/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
NIST ,
Personal Data ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
Regulatory Oversight
On May 17, District of Colombia Attorney General Brian Schwalb announced the settlement of an investigation into Easy Healthcare Corporation, requiring the company to change its privacy practices involving the ovulation...more
Drawing from her experience investigating and prosecuting businesses in the aftermath of cybersecurity breaches, New York Attorney General Letitia James released a guide to help companies implement effective data security...more
In recent months, there has been an explosion of artificial intelligence tools that have given even technophobes an opportunity to test AI’s power from the comfort of their favorite web browser.
Originally published in...more
In addition to a night of revelry, the 2023 new year will trigger the many new privacy mandates in the Virginia Consumer Data Protection Act (VCDPA) for businesses operating in Virginia — only the second state with active...more
On December 8, Instagram CEO Adam Mosseri appeared before the Senate Subcommittee on Consumer Protection, Product Safety, and Data Security to answer questions about the social media platform’s effects on children and teens....more