The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Consumer Finance Monitor Podcast Episode: Responding to Direct and Indirect Identity Theft Disputes Under the FCRA: What Are The Differences?
Torres Talks Trade Podcast Episode 9 on U.S. Customs and Border Protection's Global Business Identifier program
Phishing: Cybersecurity’s Biggest Threat
Digging Deeper, Episode 1: The Con Queen of Hollywood
Preserving Black History in Bucks County, PA, with Recorder of Deeds Robin Robinson: On Record PR
What is Consumer Fraud and What Deceptions are Employed?
What Companies Should Do to Prepare for Implementation of Cybersecurity Executive Order
Remote worker fraud is expected to continue to proliferate in 2025. Fully remote hiring and work, particularly in the technology sector, continues to pose unique business and legal risks for companies. Just in December 2024,...more
Class actions arising from data breach represented the fastest growing segment of class action filings. In 2023, more than 2000 class actions were filed, more than triple the amount filed in 2022. These cases were filed in...more
The recent massive data breach at National Public Data (NPD), a background check company, has potentially compromised the personal information of millions, if not billions, of individuals, including their Social Security...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
The FCC has significantly expanded telecommunications carriers’ data breach notification and reporting obligations. Telecommunications carriers, including Voice over Internet Protocol (VoIP) services, and telecommunications...more
According to a press release, Personal Touch, a home health company located on Long Island, has reached a settlement with New York Attorney General Letitia James for $350,000 for a data breach that occurred in January of 2021...more
A former hospital worker in Arizona was sentenced to 54 months in prison and ordered to pay restitution after pleading guilty to two felony counts involving identity theft and health information disclosure. In the plea deal,...more
The term “metaverse” first appeared in 1992 as an abstract concept in Neal Stephenson’s dystopian novel Snow Crash. Two decades later, the Metaverse has since evolved from a mere idea to a figment of everyday reality, as it...more
CYBERSECURITY - Health Care Organizations Warned of Venus Ransomware - The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information...more
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
The Third Circuit Court of Appeals has given new life to a putative class action suit led by a former employee of a company that suffered a ransomware attack, leading to her sensitive information being released onto the Dark...more
CYBERSECURITY - CISA + MS-ISAC Alert: Threat Actors Exploiting Zimbra Collaboration Suite - On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis...more
CYBERSECURITY - Cloaked Ursa Using Trusted Online Storage Services to Evade Detection - According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
According to the 2022 State of Ransomware Report issued recently by Sophos, it surveyed 5,600 IT professionals from 31 countries, including professionals in the health care sector. Those professionals in the health care...more
The University of Pittsburgh Medical Center (UPMC) recently settled a data breach class action for $450,000 stemming from a 2020 data breach that led to the compromise of about 36,000 UPMC patients....more
CYBERSECURITY - Intelligence Points to Likely Russian Attacks on Critical Infrastructure - The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
CYBERSECURITY - CISA/FBI Advisory Warns of Destructive Malware Used Against Ukraine - The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint advisory this week alerting organizations of...more
Risk Management Question - What are some of the newest hacking scams that may affect law firms and other businesses? The Issue - On October 27, 2021, the Federal Trade Commission (FTC) issued warnings to be on alert...more
While some states have enacted privacy laws granting consumers the right to bring a private right of action in a data breach context, federal courts have struggled to fit data breach injury into traditional Article III...more
Many employers are facing growing problems with identity theft in a new way: data is being used to file false claims including requests for job service benefits and SBA loans through the PPP, among others. To address this...more
Earlier this month, the Eleventh Circuit, in Tsao v. Captiva MVP Restaurant Partners, LLC, No. 18-14959, 2021 WL 381948 (11th Cir. Feb. 4, 2021), affirmed the dismissal of a class-action lawsuit brought on behalf of patrons...more
I was scrolling through a social media site this week, and was struck by how many requests asked people to respond to questions regarding their biographical information. For example, what was the number one album when you...more
In an opinion that deepens an existing circuit court split, the Eleventh Circuit recently held that the future risk of identity theft is not sufficient to establish Article III standing....more
It is being reported that the Office of the Washington State Auditor (SAO) is investigating a security incident, allegedly caused by a third-party vendor, that may have compromised the personal information of up to 1.6...more
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors...more