State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
State AG Pulse | The Inside Scoop: On Being Chief Deputy
Great Women in Compliance: Exploring the Future of Compliance - Key Takeaways from Compliance Week 2025
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Consumer Finance Monitor Podcast Episode: Private Civil Consumer Financial Services Litigation to Partially Fill CFPB Void - Part 1
The JustPod: The State of Prosecutorial Independence and Prosecutorial Discretion
State AG Pulse | “Don’t Mess With Our Health or Our Kids!”
Podcast - Looking into the Crystal Ball: The Future of Consumer Protection Law Enforcement
Inside Maine's AG Office: AG Aaron Frey on Public Service — Regulatory Oversight Podcast
State AG Pulse | With the Reshaping of Government, More Power To State AGs
Daily Compliance News: April 7, 2025, The Whistleblowers Awarded Edition
New York's Bold Move to Create a Mini CFPB — The Consumer Finance Podcast
Antitrust Insights for Private Equity Navigating the New Administration's Policies — PE Pathways Podcast
State AG Pulse | DEI in the Federal and State Spotlight
The New York Attorney General recently entered into an assurance of discontinuance with Root Insurance Company following a 2021 data incident. According to the AG, the threat actors obtained people’s drivers’ license numbers...more
Nebraska AG Mike Hilgers filed a lawsuit against Change Healthcare Inc. and its owners and operators (collectively, “Change”)—which provide a data clearinghouse used by healthcare providers, pharmacies, and insurers—alleging...more
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
Crypto Payments Firms Announce New Integrations and Initiatives - According to reports, fintech bank Revolut recently announced a partnership with Ledger, a major crypto hardware wallet provider, to make it easier for...more
Here are curated AG and federal regulatory news stories highlighting key areas in which state and federal regulators’ decisions are having an impact across the US: •Florida AG Takes the Field Against Atlantic Coast...more
On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,...more
A multistate coalition of 17 Democratic and 5 Republican AGs wrote a letter to UnitedHealth Group Inc. urging the company to improve its response following a cyberattack on its subsidiary Change Healthcare, which provides a...more
In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more
October was a busy month in New York for cybersecurity enforcement. In addition to a $4.5 million settlement between the New York Department of Financial Services and EyeMed Vision Care (discussed in a forthcoming blog post),...more
We have heard time and time again that we should not reuse passwords across accounts—if a cybercriminal were to obtain access to the password of one account, they could then use such password to access multiple accounts. This...more
Credential stuffing has quickly become one of the top attack vectors online, according to the Office of New York State Attorney General Letitia James (OAG). On January 6, 2022, the OAG announced the result of a sweeping...more
After reading New York Attorney General Letitia James’ Business Guide for Credential Stuffing Attacks (“Guide”), I promptly reminded my family (and myself!) to change passwords. The practice of using the same password for...more
Washington AG Bob Ferguson released an annual Data Breach Report detailing statistics relating to data breaches, cyberattacks, and ransomware incidents reported to the AG’s office in 2021...more
The New Jersey Attorney General’s Office announced on October 12 that Diamond Institute for Infertility and Menopause, LLC, based in Millburn, NJ, will pay a $495,000 penalty for allegedly violating HIPAA and state law by...more
California's Attorney General recently issued guidance for healthcare providers and facilities. The guidance serves as a reminder to comply with data privacy laws and with California Civil Code section 1798.82, which requires...more
In late May, New York Attorney General Letitia James announced a $200,000 settlement agreement with Filters Fast, an online water filtration retailer, stemming from a 2019 data breach compromising the personal information of...more
A group of 19 Republican AGs, led by Montana AG Austin Knudsen, wrote a letter to President Joe Biden urging him to support additional energy infrastructure in the wake of the Colonial pipeline shutdown...more
Sabre Corporation, the travel technology company, agreed to pay $2.4 million as a settlement with twenty-seven (27) State Attorneys General for a 2017 data breach involving hotel booking services....more
Seven state attorneys general, led by New York Attorney General Letisha James, reached a settlement with Residual Pumpkin Entity LLC (formerly known as CafePress LLC) (“CafePress”), related to a 2019 data security incident,...more
The travel giant Sabre Corp. has reached an agreement with multiple State Attorneys General to pay $2.4 million and make certain changes in its cybersecurity policies to settle a multi-state investigation into a 2017 data...more
The Home Depot, Inc. (“Home Depot”) recently entered into a multi-state Assurance of Voluntary Compliance with Attorneys General of 46 states and the District of Columbia (the “Settlement”) stemming from a massive 2014 data...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the U.S. Treasury's advisories regarding the role of financial intermediaries in ransomware payments, a ruling by the Israeli data protection authority...more
October marks the seventeenth annual National Cybersecurity Awareness month in the United States and provides an opportune moment to take stock of an extraordinary year. The past year has seen a rise in high-profile data...more
On September 15, 2020, the New York Attorney General (NYAG) reached a Consent and Stipulation Agreement (the “Agreement”) with Dunkin’ Brand’s Inc. a year after filing a lawsuit over the company’s response to cyberattacks in...more
On Tuesday, September 15, New York Attorney General Letitia James announced a settlement with Dunkin’ Brands Inc. regarding a lawsuit in New York state court titled The People of The State of New York et al. v. Dunkin’ Brands...more