No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more
Elemetal LLC faces a data breach class action resulting from its alleged failure to implement appropriate security measures, which led to a 2023 breach of approximately 13,000 customers’ personal information. Elemetal is a...more
Ally Financial Inc., a digital financial services company, faces two class action lawsuits in the U.S. District Court for the Western District of North Carolina related to an April 2024 data breach. The suits allege that Ally...more
By now, companies across all industries have become familiar with the lifecycle and stages of a ransomware incident. Generally, once an attack is contained, remediation and rebuilding will follow. Shortly after, the crisis...more
Lehigh Valley Health Network (LVHN) has agreed to settle a class action filed against it following a February 2023 ransomware attack that compromised personal information of patients, including medical and treatment...more
Frontier Communications (Frontier) faces three class action lawsuits in relation to a cyber data breach in which the criminal ransomware group, RansomHub, stole personally identifiable information (PII) of over 750,000...more
Multi-employer plan participants involved in an Employee Retirement Income Security Act of 1974 (ERISA) class action lawsuit against Horizon Actuarial Services LLC (Horizon), a national retirement services firm, have entered...more
Amazon Sued for Not Telling New York Store Customers about Tracking Biometrics - “Thanks to a 2021 law, New York is the only major American city to require businesses to post signs letting customers know they’re tracking...more
The average cost of a data breach is on the rise. According to the 2022 ForgeRock Consumer Identity Breach Report, the average cost in 2021 of recovering from a data breach in the U.S. is $9.5 million — an increase of 16%...more
CYBERSECURITY - Twilio Hit with Social Engineering Smishing Scheme - We’ve explained smishing schemes before. Smishing is like phishing, but uses SMS texting to deliver malicious code to users’ phones, or tricks the user...more
ACTS Retirement Services, Inc. (ACTS), a non-profit corporation that manages retirement communities, suffered a data breach in April 2022, which led to unauthorized access to thousands of current and former employees’...more
Last week, New York federal judge Vincent L. Bricetti dismissed a data breach class action against Northeast Radiology PC (northeast) and Alliance HealthCare Services (Alliance) because the plaintiffs failed to allege a...more
In the U.S. District Court for the Central District of California last week, SuperCare Health, Inc. was hit with another proposed class action based on a data breach that allegedly compromised the personal and health...more
Last week, Mediant Communications Inc. (Mediant) settled a class action lawsuit in the U.S. District Court for the Southern District of New York stemming from a 2019 data breach in which hackers accessed 200,000 individuals’...more
Report on Patient Privacy 22, no. 1 (January, 2022) - New Jersey issued its third settlement in three months on state-level health care privacy and security laws, announcing that three cancer care providers would adopt new...more
A professional accounting firm in Illinois received an unwanted holiday “gift” in the form of a class action complaint stemming from its alleged failure to secure personally identifiable information (PII) and to timely notify...more
FabFitFun, a fashion and beauty subscription service, settled claims that it failed to adequately protect and secure consumer data resulting in a data breach for a sum of $625,000 in the U.S. District Court for the Central...more
Report on Patient Privacy 21 no. 9 (September, 2021) - DuPage Medical Group in Chicago said that the personal information of more than 600,000 patients may have been compromised in a July cyberattack. The medical group,...more
Takeaway: Since the U.S. Supreme Court addressed the issue of standing based on allegations of possible future injury in Clapper v. Amnesty International USA, 568 U.S. 398 (2013), the courts of appeals have addressed this...more
PCS Revenue Control Systems, Inc. (PCS) was hit with a proposed class action lawsuit last week alleging that it discovered a data breach from a hacking attack in December 2019 but failed to notify the affected students until...more
The 11th Circuit recently weighed in on the hottest issue is data breach litigation, whether a demonstration of actual harm is required to have standing to sue. Joining several other circuit courts, the 11th Circuit in Tsao...more
The Court of Queen's Bench of Alberta, in Setoguchi v Uber B.V., 2021 ABQB 18, recently dismissed an application for certification of a proposed class action resulting from a data breach because there was no evidence of harm...more
Canon U.S.A. Inc. (Canon) was hit with a class action lawsuit in the U.S. District Court for the Eastern District of New York this week for the ransomware attack that exposed current and former employees’ personal information...more
Health insurer Anthem, Inc. has finally reached a settlement with a coalition of 41 states plus the District of Columbia, and a separate settlement with California, to resolve state attorney general investigations of a data...more