News & Analysis as of

Cybersecurity Enforcement Actions Ransomware

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
HaystackID

Ransomware Unveiled: How the LockBit Breach Exposes the Digital Extortion Economy

HaystackID on

xThe cybersecurity community has witnessed a significant development with the recent compromise of LockBit’s operational infrastructure, providing extraordinary visibility into one of the most sophisticated...more

Spilman Thomas & Battle, PLLC

Decoded - Technology Law Insights, V 6, Issue 4, April 2025

Spilman Thomas & Battle, PLLC on

Welcome to our fourth issue of 2025 of Decoded - our technology law insights e-newsletter. We hope you enjoy this issue and thank you for reading. Sector by Sector: How Data Breaches are Wrecking Bottom Lines - “Data...more

Clark Hill PLC

Right To Know - April 2025, Vol. 28

Clark Hill PLC on

Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more

Alston & Bird

UK’s Data Protection Regulator Fines a UK SaaS Provider ~$4 Million Following a Ransomware Incident

Alston & Bird on

On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered...more

Skadden, Arps, Slate, Meagher & Flom LLP

UK GDPR Regulator Fines Data Processor After Ransomware Attack

Skadden, Arps, Slate, Meagher & Flom LLP on

On 27 March 2025, the UK Information Commissioner’s Office (ICO) issued a £3.07 million fine to an IT services provider following a ransomware attack in 2022 that affected the company’s health care business. The ransomware...more

Clark Hill PLC

Right To Know - March 2025, Vol. 27

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Shook, Hardy & Bacon L.L.P.

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Shook, Hardy & Bacon L.L.P. on

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Robinson+Cole Data Privacy + Security Insider

Criminal Charges Lodged Against Alleged Phobos Ransomware Affiliates

Robinson+Cole Data Privacy + Security Insider on

Unfortunately, I’ve had unpleasant dealings with the Phobos ransomware group. My interactions with Phobos have been fodder for a good story when I educate client employees on recent cyber-attacks to prevent them from becoming...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Hogan Lovells

Slew of OCR activity underscores agency’s focus on security and AI

Hogan Lovells on

Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more

American Conference Institute (ACI)

[Event] 2nd National Conference on Cybersecurity Law & Compliance - January 29th - 30th, Arlington, VA

American Conference Institute (ACI) on

Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more

Robinson+Cole Data Privacy + Security Insider

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements

Robinson+Cole Data Privacy + Security Insider on

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more

Clark Hill PLC

Right To Know - December 2024, Vol. 24

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Saul Ewing LLP

Emergency Medical Service Provider Agrees to Pay a $90,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

On November 1, 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a $90,000 settlement with Bryan County Ambulance Authority (“BCAA”), a provider of emergency medical...more

Clark Hill PLC

Right To Know - October 2024, Vol. 22

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Saul Ewing LLP

Medical Practice Agrees to Pay $250,000 HIPAA Settlement Following Ransomware Attack

Saul Ewing LLP on

In late September 2024, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) announced a settlement with Cascade Eye and Skin Centers, P.C., a health care provider in the state of...more

Clark Hill PLC

Right To Know - September 2024, Vol. 21

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – August 2024

Alston & Bird on

Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more

Patterson Belknap Webb & Tyler LLP

SEC Settlement: Cybersecurity Internal Controls

Patterson Belknap Webb & Tyler LLP on

On June 18, 2024, the Securities and Exchange Commission (“SEC”) announced a $2.1 million civil penalty settlement of charges against R.R. Donnelley & Sons (“RRD”), a global provider of business communications services and...more

Troutman Pepper Locke

SEC Issues Additional Guidance Regarding Cybersecurity Incident Disclosure

Troutman Pepper Locke on

On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more

Alston & Bird

SEC Settlement Suggests the Agency’s Attempt to Regulate Cybersecurity Controls

Alston & Bird on

Does the R.R. Donnelley settlement mean heightened Securities and Exchange Commission (SEC) involvement in regulating public companies’ cybersecurity policies and practices? Our Securities Litigation, Privacy, Cyber & Data...more

BakerHostetler

The SEC’s Regulation of Cybersecurity Continues

BakerHostetler on

The Securities and Exchange Commission entered into a resolution agreement with R.R. Donnelley & Sons (RRD) on June 18, 2024 with RRD agreeing to pay $2.125 million to resolve disclosure and control violations alleged by the...more

Bradley Arant Boult Cummings LLP

Mandatory Cybersecurity Incident Reporting: The Dawn of a New Era for Businesses

Bradley Arant Boult Cummings LLP on

A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more

Health Care Compliance Association (HCCA)

Hackers Increasingly Leveraging Threats to Patients to Pressure Health Organizations to Pay Ransom

Health Care Compliance Association (HCCA) on

Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more

Pillsbury Winthrop Shaw Pittman LLP

New CISA Rule Would Require Widespread Cyber Incident Reporting, Updated Timelines and Penalties for Critical Infrastructure...

Pillsbury Winthrop Shaw Pittman LLP on

Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more

71 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide