The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Consumer Finance Monitor Podcast Episode: Responding to Direct and Indirect Identity Theft Disputes Under the FCRA: What Are The Differences?
Torres Talks Trade Podcast Episode 9 on U.S. Customs and Border Protection's Global Business Identifier program
Phishing: Cybersecurity’s Biggest Threat
Digging Deeper, Episode 1: The Con Queen of Hollywood
Preserving Black History in Bucks County, PA, with Recorder of Deeds Robin Robinson: On Record PR
What is Consumer Fraud and What Deceptions are Employed?
What Companies Should Do to Prepare for Implementation of Cybersecurity Executive Order
In recent news, New York’s Stram Center for Integrative Medicine reported a security incident involving an employee misusing a patient’s payment card information. According to a breach report filed with the U.S. Department of...more
Last week, a class action was filed against NewsBank, Inc., a Florida-based news database company, related to a 2024 breach of employee personal information. NewsBank provides a database of archived news publications...more
We have repeatedly warned our readers about malicious QR codes and their use by threat actors. Threat actors are now using these codes to disguise packages as gifts....more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
On December 21, 2024, while many Americans were busy signing holiday cards and exchanging gifts, New York Governor Kathy Hochul was signing six significant pieces of legislation aimed at enhancing online safety and...more
Each of the 50 states has its own definition of what constitutes a reportable data breach. For some, it requires “unauthorized access” to personal information. For others, it requires “unauthorized acquisition.” And then,...more
The Internal Revenue Service (IRS) has begun the process of informing over 70,000 taxpayers that their confidential tax information was leaked in a widespread breach by a former IRS contractor. Those impacted should take...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
CYBERSECURITY - Joint Advisory Warns of Snatch Ransomware - The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of...more
CYBERSECURITY - Joint Commission Issues Alert on Patient Safety After a Cyber-Attack - On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,”...more
A 34-page class action was filed against Blackhawk Network for a data breach that occurred on MyPrepaidCenter.com in September of this year. The plaintiffs allege that Blackhawk Network’s failure to prevent or detect this...more
CYBERSECURITY - Health Care Organizations Warned of Venus Ransomware - The Health Care Sector Cybersecurity Coordination Center (IC3) recently released an Analyst’s Note to health care organizations providing information...more
The Federal Trade Commission (“FTC”) announced on Monday that it is settling a case against Drizly and its CEO stemming from a 2020 data breach that impacted roughly 2.5 million consumers. The proposed order not only...more
CYBERSECURITY - CISA + MS-ISAC Alert: Threat Actors Exploiting Zimbra Collaboration Suite - On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis...more
ACTS Retirement Services, Inc. (ACTS), a non-profit corporation that manages retirement communities, suffered a data breach in April 2022, which led to unauthorized access to thousands of current and former employees’...more
Unjected, a dating app and the “largest unvaccinated platform” online, apparently left its entire website’s back end unsecured. Security researchers, working with Daily Dot reporters, reportedly accessed the site’s...more
CYBERSECURITY - Cloaked Ursa Using Trusted Online Storage Services to Evade Detection - According to research by Palo Alto’s Unit 42, the most recent campaign by advanced persistent threat Cloaked Ursa (aka APT 20,...more
Online mortgage lender Lending Tree sent breach notification letters to affected individuals on June 29, 2022. The letter advises those persons that their name, social security number...more
The University of Pittsburgh Medical Center (UPMC) recently settled a data breach class action for $450,000 stemming from a 2020 data breach that led to the compromise of about 36,000 UPMC patients....more
Recently, San Diego Family Care (SDFC) settled a class action related to a 2020 data breach for $1 million. The class includes all SDFC patients (or their parents/guardians) who received a breach notification in May 2021....more
Last week, Mediant Communications Inc. (Mediant) settled a class action lawsuit in the U.S. District Court for the Southern District of New York stemming from a 2019 data breach in which hackers accessed 200,000 individuals’...more
CYBERSECURITY - Intelligence Points to Likely Russian Attacks on Critical Infrastructure - The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
CYBERSECURITY - Chinese APT41 Attacking State Networks - Although we are receiving frequent alerts from CISA and the FBI about the potential for increased cyber threats coming out of Russia, China continues its cyber...more
New York recently passed legislation to amend the definition of elder abuse to include identity theft. This is important as an acknowledgement of the seriousness of the problem of identity theft involving the elderly, and the...more
On March 2, 2022, California Attorney General Rob Bonta urged individuals affected by the T-Mobile breach in 2021 to take advantage of resources to assist with preventing or responding to identity theft. According to the...more