News & Analysis as of

Data Breach Data Security Enforcement Actions

Dacheng

China Monthly Data Protection Update: May 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more

Robinson+Cole Data Privacy + Security Insider

FTC Order with GoDaddy Finalized Over Lax Data Security

On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – May 2025

Alston & Bird on

Selected U.S. Privacy & Cyber Updates - DOJ Settles False Claims Act Case with MORSECORP over Cybersecurity Program - On March 26, 2025, the U.S. Department of Justice (DOJ) announced that it had reached an agreement with...more

HaystackID

Ransomware Unveiled: How the LockBit Breach Exposes the Digital Extortion Economy

HaystackID on

xThe cybersecurity community has witnessed a significant development with the recent compromise of LockBit’s operational infrastructure, providing extraordinary visibility into one of the most sophisticated...more

Alston & Bird

UK Data Protection Regulator Fines UK Law Firm ~$80,000 Following Ransomware Incident

Alston & Bird on

On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found...more

Paul Hastings LLP

NFL Draft Provides Wake-Up Call on Protecting Confidential Information While Working Remotely

Paul Hastings LLP on

Last week’s NFL draft highlighted more than the accomplishments of athletes at the combine or on the field. While there was extensive coverage of the merits of each player, one of the major headlines coming out of the draft...more

Robinson+Cole Data Privacy + Security Insider

Northeast Radiology Settles with OCR

The Office for Civil Rights (OCR) announced on April 10, 2025, that it has settled alleged HIPAA Security Rule violations with Northeast Radiology for $350,000....more

Clark Hill PLC

Right To Know - April 2025, Vol. 28

Clark Hill PLC on

Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more

Sheppard Mullin Richter & Hampton LLP

Auto Insurer Settles With New York AG Over Insurance Application Platform Security Issues

The New York Attorney General recently entered into an assurance of discontinuance with Root Insurance Company following a 2021 data incident. According to the AG, the threat actors obtained people’s drivers’ license numbers...more

Alston & Bird

UK’s Data Protection Regulator Fines a UK SaaS Provider ~$4 Million Following a Ransomware Incident

Alston & Bird on

On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered...more

Cozen O'Connor

NY Settles With Insurer on Data Breach Rooted in Security Deficiencies

Cozen O'Connor on

New York AG Letitia James settled with Root Insurance Company to resolve allegations that the company’s data security deficiencies led to a 2021 data breach involving 72,000 people, in violation of state consumer protection...more

Foley Hoag LLP - Security, Privacy and the...

HHS OCR Settles HIPAA Security Rule Investigation with Health Fitness Corporation

On March 21, 2025, the U.S. Department of Health and Human Services’ Office for Civil Rights (OCR) announced a settlement of HIPAA security rule claims involving Health Fitness Corporation (Health Fitness). Health Fitness...more

Morrison & Foerster LLP

2024 State AGs Year in Review

In 2024, state attorneys general (State AGs) focused on a broad variety of areas and industries including, in particular, emerging industries such as artificial intelligence (AI) and privacy and social media protections....more

Baker Botts L.L.P.

Ninth Circuit Upholds Conviction of Former Uber Security Chief Joseph Sullivan in Connection with 2016 Uber Data Security Breach

Baker Botts L.L.P. on

On March 13, 2025, a three-judge panel of the U.S. Court of Appeals for the Ninth Circuit unanimously upheld the conviction of former Uber Chief Security Officer Joseph Sullivan. The ruling affirms Sullivan’s 2022 conviction...more

Proskauer on Privacy

Proskauer on Privacy: 2024 Reflections & 2025 Predictions

Proskauer on Privacy on

2024 marked another significant year for privacy law, with new state legislation and high-stakes litigation reshaping the landscape. Legal battles over tracking technologies, biometric data, and children’s privacy...more

Shook, Hardy & Bacon L.L.P.

OCR Enforcement Activity: Trends and Insights From a Limited Sample

Arecent report put the odds of an asteroid hitting the earth in December 2032 at 3.1%—which is 3,100 times more likely than an organization resolving an enforcement action with the U.S. Department of Health and Human...more

Nilan Johnson Lewis PA

Nine Steps Healthcare Entities Should Take to Prevent Cyberattacks

Nilan Johnson Lewis PA on

The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently imposed a $1.5 million civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of eyewear, for...more

WilmerHale

Health Data Privacy & Security: A Look Back at the Final Enforcement Push From HHS Under the Biden Administration

WilmerHale on

In the final days of the Biden Administration, the U.S. Department of Health and Human Services Office for Civil Rights (“HHS OCR”) remained active in resolving a large number of investigations, reflecting the agency’s...more

Robinson+Cole Data Privacy + Security Insider

FTC Takes Action Against GoDaddy for Alleged Lax Data Security

The Federal Trade Commission (FTC) issued a proposed settlement order against GoDaddy alleging that it “has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Saul Ewing LLP

Two CMPs and One Settlement Close Out 2024 HIPAA Enforcement

Saul Ewing LLP on

December 2024 was an active month for the U.S. Department of Health and Human Services ("HHS"), Office for Civil Rights ("OCR"). OCR announced (i) a $1.19 million civil monetary penalty ("CMP") against Gulf Coast Pain...more

American Conference Institute (ACI)

[Event] 2nd National Conference on Cybersecurity Law & Compliance - January 29th - 30th, Arlington, VA

Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more

Robinson+Cole Data Privacy + Security Insider

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements

2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more

Troutman Pepper Locke

Movie Theater Data Breach Leads to Settlement and Class Action Lawsuits

Troutman Pepper Locke on

New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more

Sheppard Mullin Richter & Hampton LLP

New York AG Settles EnforcemENT Action with ENT

The New York Attorney General’s Office recently settled with Albany ENT & Allergy Services over claims that the healthcare provider failed to protect over 200,000 consumers’ private health information. The claims stem from...more

199 Results
 / 
View per page
Page: of 8

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide