No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Cybersecurity in Video Games & Esports
2023 DSIR Deeper Dive: Plaintiffs’ Attorneys Are Trying to Assert a New Cause of Action Against Universities Based on an Old Law Regulating Videotape Service Providers
Podcast: A Conversation with Andy Rotherham on Hot Topics in Education for 2023
No Password Required: Threat Intelligence Analyst at Recorded Future, the Ransomware Sommelier, and a Guy With a Mildly Exciting Expense Account
Compliance & Disaster Preparedness
2023 DSIR Report Deeper Dive into the Data
Episode 282 -- CISO and CCOs -- The Evolving Partnership
No Password Required: Threat Researcher at Cisco Talos and a Veteran of the Highest-Profile Cyber Incidents Who Roasts His Own Coffee Beans
Innovation in Compliance - The Role of Backup Systems in Cybersecurity Defense with Curtis Preston
Cyber Threats
No Password Required: The Teenage CEO of Girls Who Hack and Secure Open Vote, Who Is as Comfortable Behind a Mic as She Is Behind a Keyboard.
Hinshaw Insurance Law TV – Cybersecurity Third and Final Part: Ransomware
Can Cyber Investigations Be Canned? - Unauthorized Access Podcast
[Podcast] NSA Cybersecurity Services for Defense Contractors
Understanding the Additional Risks When Making a Ransomware Payment
2022 DSIR Deeper Dive: Ransomware
On April 14, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined DPP Law (“DPP”) £60,000 (approximately $80,000) following a ransomware incident. In its penalty notice, the ICO found...more
On March 26, 2025, the UK data protection regulator (the Information Commissioner’s Office (“ICO”)) fined Advanced Computer Software Group Ltd (“Advanced”) £3.07 million (approximately $4 million). In 2022, Advanced suffered...more
2024 was a year chock-full of data breaches and privacy violations. Many new data privacy and cybersecurity regulations were introduced (and became effective), and regulators sent a strong message to businesses that privacy...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
In May, Santander Bank faced a significant cybersecurity breach that affected millions of its customers and employees worldwide. The hacking group ShinyHunters claimed responsibility for the attack, which also targeted...more
Welcome to our inaugural issue of The Health Record - our healthcare law insights e-newsletter! As such, we wanted to pull together our insights and pass them along to you. Our goal is to create a publication that is...more
CYBERSECURITY - HC3 Warns Healthcare Organizations about Akira Ransomware Group - The Health Sector Cybersecurity Coordination Center (HC3) recently warned the health care sector about the Akira ransomware group that...more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
The Current Status of Privacy Laws Across the United States - Unlike the General Data Protection Regulation (GDPR) in the European Union (EU), the United States does not have a nationwide comprehensive data privacy law....more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
Takeaway: We have written several articles about the development of Georgia common law in data breach litigation. In one article, we discussed the Georgia Supreme Court’s decision in Department of Labor v. McConnell, 305...more
Editor’s Note: On February 15, 2023, HaystackID shared an educational webcast to provide valuable insight into the ways in which AI is being used to address key issues in the realm of privacy and cybersecurity. The expert...more
CYBERSECURITY - Joint Advisory Warns of MedusaLocker Ransomware - A recently-issued joint advisory by the FBI, the Cybersecurity and Infrastructure Security Agency, the Financial Crimes Enforcement Network, and the...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
CYBERSECURITY - Intelligence Points to Likely Russian Attacks on Critical Infrastructure - The cybersecurity authorities of the United States (including CISA, FBI, NSA and DOE), Australia, Canada, New Zealand, and the...more
CYBERSECURITY - Medical Center Rebuilding EMR Following Ransomware Attack - Queen Creek Medical Center (QCMC), also known as Desert Wells Family Medicine, located in Arizona, has notified up to 35,000 patients of a data...more
CYBERSECURITY - T-Mobile Clarifies Facts of Security Incident in Press Release - There has been a flurry of reporting in the past few days on the T-Mobile customer data compromise, with allegations that the compromise...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - President Biden Issues Cybersecurity Executive Order - On May 12, 2021, President Biden issued an executive order that placed new standards on the...more
CYBERSECURITY - Microsoft Issues Emergency Software Update for PrintNightmare Zero Day Vulnerability - Following the release of a U.S. Cybersecurity & Infrastructure Security Agency (US-CERT) Coordination Center...more
Report on Patient Privacy 21, no. 6 (June 2021) - Scripps Health in San Diego experienced what it called “an information technology security incident” from ransomware that was detected May 1, forcing some of its operations...more
CYBERSECURITY - Coveware Q1 2021 Report Shows Increase in Ransomware Payments Over Q4 2020 Coveware issued its Q1 2021 - Ransomware Report on April 26, 2021, which concludes that “[D]ata exfiltration extortion continues...more
As we bid farewell to 2020 and look toward the uncharted territory of 2021, it is hard not to take inventory of all that has changed in such a short period. No one at the beginning of 2020 would have predicted what transpired...more
As a result of the COVID-19 pandemic, millions of Americans have deserted the physical workplace. Modern technology and remote access capabilities have made it possible to transform almost any job to a telework position. As...more
CYBERSECURITY - NSA + FBI Warn Defense Contractors of Russian Hackers - When the National Security Agency (NSA) and the Federal Bureau of Investigations (FBI) get together to issue a joint warning, you may wish to listen...more