News & Analysis as of

Cybersecurity Data Breach

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Clark Hill PLC

Right To Know - June 2025, Vol. 30

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more

BakerHostetler

[Podcast] 2025 DSIR Deeper Dive: Deeper Dive into the Data

BakerHostetler on

We’re back with a deeper dive into the 2025 Data Security Incident Response Report, which features insights and metrics from more than 1,250 incidents in 2024. This episode dives deeper into the data, including network...more

McCarter & English, LLP

Don’t Get Caught in Scattered Spider’s Web

McCarter & English, LLP on

The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

Sheppard Mullin Richter & Hampton LLP on

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

K&L Gates LLP

Pay the Price, Now ‘Fess Up’: Reporting Obligations for Ransomware Payments Are Live

K&L Gates LLP on

As of 29 May 2025, the requirement on businesses to report ransomware payments they make has come into effect. What is the Requirement? If a reporting business entity becomes impacted by a cyber security incident and ends up...more

Orrick, Herrington & Sutcliffe LLP

Financial services industry trade groups pen letter to Treasury Secretary Bessent on cybersecurity risks

Orrick, Herrington & Sutcliffe LLP on

On June 9, multiple financial services trade associations sent a letter to Treasury Secretary Scott Bessent expressing concerns about cybersecurity risk management practices at federal regulatory agencies following the OCC’s...more

HaystackID

AT&T Customer Data Resurfaces on Dark Web in Enhanced, Decrypted Format

HaystackID on

According to an AT&T spokesperson, this is not accurate. Social Security Numbers and Dates of Birth were already available in plain text in the original compromised dataset from 2024 (in separate files that could be...more

Epiq

From Paper To Practice: The Real Value of a Cyber Incident Response Plan

Epiq on

Cyber incidents are an ever-present threat to organisations of all sizes. While many companies have documented Cyber Incident Response (CIR) plans, they often fall short when it comes to real-world application. Below, we will...more

Jackson Lewis P.C.

Different Country, Same Challenges: Lessons from a Breach That Could Have Been Prevented

Jackson Lewis P.C. on

A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more

McGuireWoods LLP

With Compliance Date for Reg S-P Amendments Looming, Is Your Firm Ready Yet?

McGuireWoods LLP on

Welcome to “SERC’ling Up,” your resource for staying ahead in today’s fast-evolving financial landscape. This newsletter delivers perspectives on the latest enforcement trends, regulatory updates and high-stakes developments...more

Robinson+Cole Data Privacy + Security Insider

Adidas and UChicago Sued Over Data Breaches Caused by Third-Party Vendors

Robinson+Cole Data Privacy + Security Insider on

What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors....more

HaystackID

Click. Notify. Exfiltrate. Why the Most Damaging Threats Start in Your Inbox

HaystackID on

Editor’s Note: Email remains the most reliable and comprehensive source of evidence in digital investigations, often providing insights that other platforms cannot. As threats become more sophisticated and data volumes grow,...more

Womble Bond Dickinson

Overseas employees and contractors pose increased risks of data breach

Womble Bond Dickinson on

As data breach litigation continues to increase, companies need to worry about a new point of vulnerability - overseas employees.  Many large companies outsource customer services to India and other low-cost providers to take...more

Jackson Lewis P.C.

Oklahoma Expands its Security Breach Notification Law

Jackson Lewis P.C. on

The Oklahoma State Legislature recently enacted Senate Bill 626, amending its Security Breach Notification Act, effective January 1, 2026, to address gaps in the state’s current cybersecurity framework (the “Amendment”). The...more

Ward and Smith, P.A.

Cyber Liability Insurance: Is It Worth It?

Ward and Smith, P.A. on

In connection with the increase in the number of incidents and attacks, the scope and impact of the incidents and attacks are also growing. With the rise in frequency and impact of cybersecurity incidents and cybercrimes,...more

HaystackID

[Webcast Transcript] Faster Finds, Fewer Files: A Smarter Approach to Email Investigations

HaystackID on

Editor’s Note: As digital threats become increasingly sophisticated and data volumes continue to surge, email remains a cornerstone of modern investigations. In this timely webcast, HaystackID® experts John Wilson and Rene...more

Robinson+Cole Data Privacy + Security Insider

U.S. Retailers Bracing for Scattered Spider Attacks

Robinson+Cole Data Privacy + Security Insider on

Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been responsible for the recent attack on Marks & Spencer in the U.K. A security...more

Dacheng

China Monthly Data Protection Update: May 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more

Robinson+Cole Data Privacy + Security Insider

Data Breach Lawsuits Surge Against Chord Specialty Dental Partners

Robinson+Cole Data Privacy + Security Insider on

Pennsylvania-based Chord Specialty Dental Partners is under fire after a September 2024 data breach compromised the personal information of over 173,000 individuals. At least seven proposed class action lawsuits have been...more

BakerHostetler

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

BakerHostetler

DSIR: Deeper Dive into the Data

BakerHostetler on

Every year, BakerHostetler collects, analyzes and compares key metrics on the incident response matters we handled in the prior year. The Data Security Incident Response (DSIR) Report presents key findings and trends, along...more

Robinson+Cole Data Privacy + Security Insider

FTC Order with GoDaddy Finalized Over Lax Data Security

Robinson+Cole Data Privacy + Security Insider on

On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a...more

Blake, Cassels & Graydon LLP

Nouveau cadre relatif aux incidents de sécurité de l’information à l’intention des institutions financières québécoises

Blake, Cassels & Graydon LLP on

Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more

Baker Donelson

Privilege Under Fire: Protecting Forensic Reports in the Wake of a Data Breach

Baker Donelson on

In the chaos following a cyberattack, forensic reports are often pulled together under intense pressure and can assist companies in responding to and remediating the incident. However, if you're not careful, these reports...more

Orrick, Herrington & Sutcliffe LLP

OIG makes seven recommendations for CFPB following major incident

Orrick, Herrington & Sutcliffe LLP on

On May 5, the OIG for the Fed authored a report with several recommendations for the CFPB following a major security incident regarding confidential supervisory information (CSI). The OIG issued four findings with seven...more

5,343 Results
 / 
View per page
Page: of 214
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide