News & Analysis as of May 6, 2025

Cyber Attacks

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

MGM Inks $45M Class Action Settlement for 2019 and 2023 Data Breaches

Robinson+Cole Data Privacy + Security Insider on 1/31/2025

MGM Resorts agreed to pay $45 million to settle over a dozen class action lawsuits concerning 2019 and 2023 data breaches. A federal court in Nevada preliminarily approved the settlement, which, according to lawyers, covers...more

Movie Theater Data Breach Leads to Settlement and Class Action Lawsuits

Troutman Pepper Locke on 12/9/2024

New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more

Oak Valley Hospital Reaches Settlement in Class Action over Data Breach

Robinson+Cole Data Privacy + Security Insider on 11/14/2024

Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more

Right To Know - October 2024, Vol. 22

Clark Hill PLC on 10/25/2024

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Lehigh Valley Health Network Settle Class Action Case for $65M

Robinson+Cole Data Privacy + Security Insider on 9/13/2024

Lehigh Valley Health Network (LVHN) has agreed to settle a class action filed against it following a February 2023 ransomware attack that compromised personal information of patients, including medical and treatment...more

Seven Years After Worldwide NotPetya Attacks, OCR Singles Out PA System, Collects Nearly $1M

Health Care Compliance Association (HCCA) on 8/21/2024

Unleashed on June 27, 2017, NotPetya caused an estimated $10 billion in damages globally, among the costliest ransomware attacks in history. In 2018, the Trump administration—in tandem with the British government—blamed...more

SEC Settlement: Cybersecurity Internal Controls

Patterson Belknap Webb & Tyler LLP on 7/23/2024

On June 18, 2024, the Securities and Exchange Commission (“SEC”) announced a $2.1 million civil penalty settlement of charges against R.R. Donnelley & Sons (“RRD”), a global provider of business communications services and...more

SEC Continues to Zero in on Importance of Data Security Measures and Reporting With Latest $10 Million Penalty

Parker Poe Adams & Bernstein LLP on 6/21/2024

Last month, the Securities and Exchange Commission (SEC) reemphasized just how serious companies must be about maintaining a vigilant cybersecurity posture and procedures to report cyber incidents in a timely manner....more

Intercontinental Exchange Settles with SEC Over Alleged Delay in Notification of Hack

Robinson+Cole Data Privacy + Security Insider on 5/28/2024

Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC...more

Plaintiffs Request Court Approval of $8.7M Settlement in ERISA Class Action Cyberattack Lawsuit

Holland & Knight LLP on 4/2/2024

Multi-employer plan participants involved in an Employee Retirement Income Security Act of 1974 (ERISA) class action lawsuit against Horizon Actuarial Services LLC (Horizon), a national retirement services firm, have entered...more

Employees’ Misdeeds, Lack of Risk Analysis Cost NY Hospital $4.75M; OCR Issues Warning

Health Care Compliance Association (HCCA) on 3/12/2024

Although the HHS Office for Civil Rights (OCR) described its recent $4.75 million agreement with a Bronx, New York, hospital as settling a “malicious insider cybersecurity investigation,” the agency considered a total of 11...more

Right To Know - January 2024, Vol. 13

Clark Hill PLC on 1/11/2024

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more

Merck-Settlement of $1.4 Billion Coverage Dispute Over NotPetya Cyberattack Places Renewed Spotlight on War Exclusions in 2024

McGuireWoods LLP on 1/9/2024

Last week, Merck & Co. filed documents with the Supreme Court of New Jersey indicating that it reached a settlement with its “all risk” property insurers in a long-running coverage dispute involving over $1.4 billion in...more

OCR Settles First Phishing Cyber-Attack Investigation with a Louisiana Medical Group

Arnall Golden Gregory LLP on 12/14/2023

On December 7, 2023, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced its first-ever settlement involving a phishing attack under the Health Insurance Portability and...more

HHS Settles with Doctors’ Management Services Over Ransomware Attack

Robinson+Cole Data Privacy + Security Insider on 11/10/2023

On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health...more

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on 10/6/2023

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Decoded: Technology Law Insights - V 4, Issue 4, April 2023

Spilman Thomas & Battle, PLLC on 4/25/2023

Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more

Learning From Data Breach Cases To Reduce Legal Risk

Rothwell, Figg, Ernst & Manbeck, P.C. on 1/4/2023

The average cost of a data breach is on the rise. According to the 2022 ForgeRock Consumer Identity Breach Report, the average cost in 2021 of recovering from a data breach in the U.S. is $9.5 million — an increase of 16%...more

NYDFS’s $4.5 Million EyeMed Cyber Settlement Reminder To Industry

Sheppard Mullin Richter & Hampton LLP on 11/2/2022

In a recent settlement with the New York Department of Financial Services, EyeMed Vision Care LLC agreed to pay a $4.5 million penalty and undertake remedial measures to increase its cybersecurity. This includes undertaking...more

The Digital Download – Alston & Bird’s Privacy, Cyber & Data Strategy Newsletter – May 2021

Alston & Bird on 5/14/2021

Selected Developments in U.S. Law - NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses Following the SolarWinds cyber espionage attack and the resulting focus on supply chain risk, the New York...more

New York DFS Fines Mortgage Lender in Cybersecurity Enforcement Action

Patterson Belknap Webb & Tyler LLP on 3/12/2021

New York’s Department of Financial Services (“DFS”) announced on Wednesday, March 3, 2021, that an independent mortgage lender, Residential Mortgage Services Inc. (“RMS”), has agreed to pay a $1.5 million fine to the agency...more

NYDFS Reports Major Cybersecurity Settlement

Alston & Bird on 3/12/2021

In early March, the New York Department of Financial Services (NYDFS) announced a settlement involving a $1.5M penalty and mandatory remediation in response to a mortgage lender’s alleged failure to report a cyber breach, and...more

New York Department of Financial Services Announces $1.5 Million Settlement of Second Cybersecurity Enforcement Action

Faegre Drinker Biddle & Reath LLP on 3/8/2021

On March 3, 2021, the New York State Department of Financial Services (NYDFS) announced a settlement with Residential Mortgage Services, Inc. (RMS) for $1.5 million in connection with its violation of the NYDFS Cybersecurity...more

Online Retailer Settles with State Attorneys General Over Security Incident

Troutman Pepper Locke on 1/6/2021

Seven state attorneys general, led by New York Attorney General Letisha James, reached a settlement with Residual Pumpkin Entity LLC (formerly known as CafePress LLC) (“CafePress”), related to a 2019 data security incident,...more

Travel Giant Sabre Reaches Deal with State Attorneys General Over Data Breach

Sheppard Mullin Richter & Hampton LLP on 1/5/2021

The travel giant Sabre Corp. has reached an agreement with multiple State Attorneys General to pay $2.4 million and make certain changes in its cybersecurity policies to settle a multi-state investigation into a 2017 data...more

52 Results

View per page

Page: of 3

Cybersecurity › Settlement › Cyber Attacks

"My best business intelligence, in one easy email…"