State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
State AG Pulse | The Inside Scoop: On Being Chief Deputy
Great Women in Compliance: Exploring the Future of Compliance - Key Takeaways from Compliance Week 2025
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Consumer Finance Monitor Podcast Episode: Private Civil Consumer Financial Services Litigation to Partially Fill CFPB Void - Part 1
The JustPod: The State of Prosecutorial Independence and Prosecutorial Discretion
State AG Pulse | “Don’t Mess With Our Health or Our Kids!”
Podcast - Looking into the Crystal Ball: The Future of Consumer Protection Law Enforcement
Inside Maine's AG Office: AG Aaron Frey on Public Service — Regulatory Oversight Podcast
State AG Pulse | With the Reshaping of Government, More Power To State AGs
Daily Compliance News: April 7, 2025, The Whistleblowers Awarded Edition
New York's Bold Move to Create a Mini CFPB — The Consumer Finance Podcast
Antitrust Insights for Private Equity Navigating the New Administration's Policies — PE Pathways Podcast
State AG Pulse | DEI in the Federal and State Spotlight
The New York Attorney General recently entered into an assurance of discontinuance with Root Insurance Company following a 2021 data incident. According to the AG, the threat actors obtained people’s drivers’ license numbers...more
Nebraska AG Mike Hilgers filed a lawsuit against Change Healthcare Inc. and its owners and operators (collectively, “Change”)—which provide a data clearinghouse used by healthcare providers, pharmacies, and insurers—alleging...more
New York Attorney General (AG) Letitia James and global movie theater operator National Amusements, Inc. (National) settled a lawsuit stemming from a 2022 data breach reported by National, which affected 82,128 National...more
On April 25, 2024, the attorneys general of 22 states issued a letter encouraging UnitedHealth Group and its subsidiary, Change Healthcare, to take additional steps to respond to a massively disruptive cyberattack. The broad,...more
A multistate coalition of 17 Democratic and 5 Republican AGs wrote a letter to UnitedHealth Group Inc. urging the company to improve its response following a cyberattack on its subsidiary Change Healthcare, which provides a...more
In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more
October was a busy month in New York for cybersecurity enforcement. In addition to a $4.5 million settlement between the New York Department of Financial Services and EyeMed Vision Care (discussed in a forthcoming blog post),...more
After reading New York Attorney General Letitia James’ Business Guide for Credential Stuffing Attacks (“Guide”), I promptly reminded my family (and myself!) to change passwords. The practice of using the same password for...more
Washington AG Bob Ferguson released an annual Data Breach Report detailing statistics relating to data breaches, cyberattacks, and ransomware incidents reported to the AG’s office in 2021...more
The New Jersey Attorney General’s Office announced on October 12 that Diamond Institute for Infertility and Menopause, LLC, based in Millburn, NJ, will pay a $495,000 penalty for allegedly violating HIPAA and state law by...more
California's Attorney General recently issued guidance for healthcare providers and facilities. The guidance serves as a reminder to comply with data privacy laws and with California Civil Code section 1798.82, which requires...more
In late May, New York Attorney General Letitia James announced a $200,000 settlement agreement with Filters Fast, an online water filtration retailer, stemming from a 2019 data breach compromising the personal information of...more
Sabre Corporation, the travel technology company, agreed to pay $2.4 million as a settlement with twenty-seven (27) State Attorneys General for a 2017 data breach involving hotel booking services....more
The travel giant Sabre Corp. has reached an agreement with multiple State Attorneys General to pay $2.4 million and make certain changes in its cybersecurity policies to settle a multi-state investigation into a 2017 data...more
The Home Depot, Inc. (“Home Depot”) recently entered into a multi-state Assurance of Voluntary Compliance with Attorneys General of 46 states and the District of Columbia (the “Settlement”) stemming from a massive 2014 data...more
In this month's edition of our Privacy & Cybersecurity Update, we examine the U.S. Treasury's advisories regarding the role of financial intermediaries in ransomware payments, a ruling by the Israeli data protection authority...more
October marks the seventeenth annual National Cybersecurity Awareness month in the United States and provides an opportune moment to take stock of an extraordinary year. The past year has seen a rise in high-profile data...more
On September 15, 2020, the New York Attorney General (NYAG) reached a Consent and Stipulation Agreement (the “Agreement”) with Dunkin’ Brand’s Inc. a year after filing a lawsuit over the company’s response to cyberattacks in...more
On Tuesday, September 15, New York Attorney General Letitia James announced a settlement with Dunkin’ Brands Inc. regarding a lawsuit in New York state court titled The People of The State of New York et al. v. Dunkin’ Brands...more
On September 15, 2020, the New York Attorney General’s Office (NYAG) announced a settlement with Dunkin’ Brands, Inc. (Dunkin) in connection with a September 2019 lawsuit brought by the NYAG against Dunkin for alleged...more
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion - Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
FBI Warns of Retaliatory Cyber-Attack from Iran - The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This...more
Hong Kong-based Cathay Pacific Airways CEO Rupert Hogg has resigned in order to “take responsibility” a week “after the carrier was rebuked by China for staff involvement in the anti-Beijing protests rocking Hong Kong.” Hogg...more
Massachusetts’ breach notice law has been amended, requiring companies who suffer a data breach to provide more information to the Attorney General about the incident. The law will go into effect in a month, on April 11,...more
In the litigation between Equifax and Massachusetts Office of the Attorney General, Judge Sanders rejected certain provisions of Equifax’s proposed protective order for the production of sensitive discovery materials,...more