A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
It well known that there are, unfortunately, many data breaches that frequently put private citizens’ data privacy in jeopardy. States have passed a variety of statutes aimed at addressing this problem in an attempt to...more
Arizona-based Banner Health has agreed to settle for up to $6 million a class action case filed against it following a 2016 incident that compromised the personal information of 3 million individuals....more
Many readers have reached out to learn about the Capital One data breach and how it affects us. If you haven’t been watching the story unfold as closely as I have, here is a summary of what happened, what information was...more
Security researchers have warned municipalities repeatedly about how they are being targeted with ransomware, that they are at high risk, and the need to make data security a high priority. Please see full Publication blow...more
Massachusetts’ breach notice law has been amended, requiring companies who suffer a data breach to provide more information to the Attorney General about the incident. The law will go into effect in a month, on April 11,...more
The Governor of Massachusetts has just signed into law amendments to the state’s data breach notification law. The amendments will go into effect April 11, 2019. Under the amended law, companies whose breaches involve Social...more
In an age where data is widely available and almost everything is stored online, data breaches are becoming more common, and the outcomes of cases involving data breaches are unpredictable. Data involved in a breach can range...more
Phishing. Spoofing. - These words may sound silly, but for employers, they are anything but. Phishing is the attempt to obtain sensitive electronic information—such as usernames, passwords, or financial...more
A bi-partisan privacy and data security bill, which will significantly impact companies with North Carolina employees, is in the works. North Carolina State Representative Jason Saine (R), Appropriations Chairman of...more
On December 1, PayPal disclosed that an ongoing investigation into identify security vulnerabilities identified a data breach that may have compromised personally identifiable information for roughly 1.6 million customers at...more
In May, the U.S. Supreme Court issued its opinion in Spokeo v. Robins, providing guidance on the “injury-in-fact” aspect of the constitutional standing requirement for putative class action plaintiffs. 136 S. Ct. 1540...more
As reported on Friday in the Krebs on Security blog, online broker Scottrade had sent an e-mail to customers earlier that day stating that it recently had learned from law enforcement officials that Scottrade was one of a...more
Lawyers for former employees of Sony Pictures Entertainment (“SPE”) indicated in a September 2, 2015 filing that they have tentatively reached a settlement with SPE in the class action suit resulting from the data breach...more
Exellus BlueCross BlueShield has announced that the personal information of at least 10 million members has been compromised in a “very sophisticated” cyberattack that occurred on December 23, 2013 and was discovered by the...more
This Is The End? - Settlement appears imminent in an employee class action against Sony Pictures Entertainment (“SPE”) arising from disclosure of their personally identifiable information (“PII”) in a massive data breach...more
The list of companies hit by cyber-attacks continues to grow. This time, Florida-based web hosting company, Web.com, has announced that it suffered a data breach that may have compromised credit card information and other...more
The IRS announced last week that the value of identity theft protection services are not taxable and do not have to be included in gross income calculations for tax purposes. Identity theft continues to be the number one...more
Katy Independent School District (ISD) was randomly audited by the IRS on August 5th. In order to conduct the audit, the IRS auditor had a flash drive with the names, addresses, birth dates and Social Security numbers of...more
The Senate Appropriations Committee has approved funding to provide the 22 million individuals affected by the OPM data breaches with 10 years of credit monitoring services and $5 million in liability protection for damages,...more
In yet another data breach affecting millions of individuals, UCLA Health System (“UCLA”) reported on July 17, 2015, that hackers had accessed portions of its health network that contained personal information, including...more
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more
The FCC has announced that it will receive a settlement payment of $3.5 million from two telecommunications companies—TerraCom Inc. and YourTel America for allegations around the companies’ failure to safeguard customers’...more