News & Analysis as of

Data Breach

Robinson+Cole Data Privacy + Security Insider

Why Dumping Sensitive Data on Network Shares is a Liability

Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents,...more

Dacheng

China Monthly Data Protection Update: June 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more

Clark Hill PLC

Right To Know - June 2025, Vol. 30

Clark Hill PLC on

Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more

BakerHostetler

[Podcast] 2025 DSIR Deeper Dive: Deeper Dive into the Data

BakerHostetler on

We’re back with a deeper dive into the 2025 Data Security Incident Response Report, which features insights and metrics from more than 1,250 incidents in 2024. This episode dives deeper into the data, including network...more

McCarter & English, LLP

Don’t Get Caught in Scattered Spider’s Web

The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more

Saul Ewing LLP

HHS OCR Continues Active HIPAA Enforcement with Three New Settlements

Saul Ewing LLP on

In the past several weeks, the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR") has announced settlements with three health care organizations — Comstar, LLC ("Comstar"); Guam Memorial...more

Health Care Compliance Association (HCCA)

From $5,000 to $800,000: Days Apart, OCR Security Settlements Show Puzzling Math

A single incident that may have started as a personal vendetta or an extortion threat seven years ago has cost a Florida health care system $800,000, and comes on the heels of an unrelated breach suffered by a different...more

Herbert Smith Freehills Kramer

Protecting your business: The implications of Australia’s new privacy tort

On 10 June 2025, the new statutory tort for serious invasions of privacy came into force as part of a suite of privacy reforms passed last year, substantially enhancing privacy protections and signalling a material shift in...more

Sheppard Mullin Richter & Hampton LLP

North Dakota Passes New Data Security Law for “Financial Corporations”

North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more

K&L Gates LLP

Pay the Price, Now ‘Fess Up’: Reporting Obligations for Ransomware Payments Are Live

K&L Gates LLP on

As of 29 May 2025, the requirement on businesses to report ransomware payments they make has come into effect. What is the Requirement? If a reporting business entity becomes impacted by a cyber security incident and ends up...more

Hogan Lovells

Class action waiver prevails: Fourth Circuit reverses certification in Marriott data breach litigation again

Hogan Lovells on

The Fourth Circuit (again) de-certified classes in the Marriott Data Breach Litigation. As further described below, the court held that the class action waiver at issue in the case was valid, not prohibited by Rule 23, and...more

Orrick, Herrington & Sutcliffe LLP

Financial services industry trade groups pen letter to Treasury Secretary Bessent on cybersecurity risks

On June 9, multiple financial services trade associations sent a letter to Treasury Secretary Scott Bessent expressing concerns about cybersecurity risk management practices at federal regulatory agencies following the OCC’s...more

HaystackID

AT&T Customer Data Resurfaces on Dark Web in Enhanced, Decrypted Format

HaystackID on

According to an AT&T spokesperson, this is not accurate. Social Security Numbers and Dates of Birth were already available in plain text in the original compromised dataset from 2024 (in separate files that could be...more

Epiq

From Paper To Practice: The Real Value of a Cyber Incident Response Plan

Epiq on

Cyber incidents are an ever-present threat to organisations of all sizes. While many companies have documented Cyber Incident Response (CIR) plans, they often fall short when it comes to real-world application. Below, we will...more

K2 Integrity

[Webinar] Information Leaks: How to Respond, Investigate, and Protect Your Business - June 25th, 9:00 am ET

K2 Integrity on

Information leaks can range from exposures of internal decisions and salary data to the disclosure of intellectual property, strategy documents, or board minutes. Whether accidental or intentional, these leaks demand...more

Katten Muchin Rosenman LLP

New Serious Invasion of Privacy Tort in Australia for Privacy Comes Into Effect

In late 2024, the Australian Government enacted a series of reforms to the Privacy Act 1988 (Cth). The new statutory tort for serious invasion of privacy was introduced and passed under the Privacy and Other Legislation...more

Jackson Lewis P.C.

Different Country, Same Challenges: Lessons from a Breach That Could Have Been Prevented

Jackson Lewis P.C. on

A recent breach involving Indian fintech company Kirana Pro serves as a reminder to organizations worldwide: even the most sophisticated cybersecurity technology cannot make up for poor administrative data security hygiene....more

Harris Beach Murtha PLLC

NY Attorney General Focuses on Corporate Conduct Over Past Six Months

Over the past six months, the New York Attorney General Letitia James has directed her efforts to certain issues, and there is an observable pattern that she is focusing on consumer protection, privacy rights and monopolistic...more

ArentFox Schiff

OCR’s Risk Analysis Initiative: Lessons From Recent HIPAA Enforcement Actions

ArentFox Schiff on

Health care organizations are under pressure to shore up their cybersecurity response efforts. Much of this pressure is coming from the US Department of Health and Human Services Office for Civil Rights (OCR), which has made...more

Foley & Lardner LLP

State Data Breach Notification Laws - June 2025

Foley & Lardner LLP on

While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more

Spilman Thomas & Battle, PLLC

The Health Record - Healthcare Law Insights, V 2, Issue 6, June 2025

Welcome to our sixth issue of 2025 of The Health Record -- our healthcare law insights e-newsletter. In this edition, we look at the impact of supply chain and tariff issues on the industry, the veto of Florida's...more

McGuireWoods LLP

With Compliance Date for Reg S-P Amendments Looming, Is Your Firm Ready Yet?

McGuireWoods LLP on

Welcome to “SERC’ling Up,” your resource for staying ahead in today’s fast-evolving financial landscape. This newsletter delivers perspectives on the latest enforcement trends, regulatory updates and high-stakes developments...more

Robinson+Cole Data Privacy + Security Insider

Adidas and UChicago Sued Over Data Breaches Caused by Third-Party Vendors

What do a global sportswear giant and a prestigious medical center have in common? Apparently, a shared struggle defending data breach lawsuits for breaches of sensitive personal information caused by third-party vendors....more

Baker Donelson

Insider Threats Are Just as Dangerous as Ransomware – Lessons from the Latest OCR HIPAA Settlement

Baker Donelson on

What's New? On May 28, 2025, the U.S. Department of Health and Human Services' Office for Civil Rights (OCR) announced an $800,000 settlement with a large Florida-based health care provider over potential violations of the...more

HaystackID

Click. Notify. Exfiltrate. Why the Most Damaging Threats Start in Your Inbox

HaystackID on

Editor’s Note: Email remains the most reliable and comprehensive source of evidence in digital investigations, often providing insights that other platforms cannot. As threats become more sophisticated and data volumes grow,...more

8,770 Results
 / 
View per page
Page: of 351

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide