Earlier this month, after the conclusion of the public comment period, the Colorado Department of Law adopted amendments to the Colorado Privacy Act (CPA), which grants rights to Colorado consumers concerning their personal...more
12/20/2024
/ Biometric Information ,
Colorado ,
Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Right to Delete ,
State Privacy Laws
Oak Valley Hospital, located in Oakdale, California, reached a settlement in a class action related to a 2023 data breach. On July 18, 2023, Oak Valley detected suspicious activity on its IT systems. Pursuant to the forensic...more
Elemetal LLC faces a data breach class action resulting from its alleged failure to implement appropriate security measures, which led to a 2023 breach of approximately 13,000 customers’ personal information. Elemetal is a...more
Ally Financial Inc., a digital financial services company, faces two class action lawsuits in the U.S. District Court for the Western District of North Carolina related to an April 2024 data breach. The suits allege that Ally...more
This week, Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC (collectively, Marriott) agreed to settle on the terms of a settlement order with the Federal Trade Commission (FTC) for its...more
Candid Color Systems Inc., based in Oklahoma, faces a class action lawsuit for its alleged violations of the Illinois Biometric Information Privacy Act (BIPA). Candid Colors offers marketing services to photographers,...more
Last month, multiple car dealerships and auto repair shops filed federal lawsuits against CDK Global LLC, a technology company providing software to the automotive, heavy truck, recreation, and heavy equipment industries, as...more
Minnesota was the nineteenth state to pass a comprehensive data privacy law, the Minnesota Consumer Privacy Act (H.F. 4757) (MCPA), which becomes effective on July 31, 2025.
While we continue to see more of these laws...more
Last week Marriott Hotel Services was hit with a class action lawsuit for alleged violations of the Illinois’ Biometrics Information Privacy Act (BIPA). The lawsuit alleges that the hotel violated BIPA by requiring workers to...more
5/28/2024
/ Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Data Privacy ,
Employer Liability Issues ,
Employment Litigation ,
Fingerprints ,
Hospitality Industry ,
Marriott ,
Personal Data ,
Personally Identifiable Information ,
Statutory Violations
CYBERSECURITY -
Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks -
The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
5/10/2024
/ Consumer Privacy Rights ,
Cyber Threats ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Sharing ,
Personal Data ,
Personally Identifiable Information ,
Social Media
DoorDash, Inc. recently settled with the California Attorney General for alleged violations of the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). This is only the second...more
Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged...more
CYBERSECURITY -
Ransomware Hitting U.S. Companies at Increasing Rate -
Unfortunately, according to Unit 42 of Palo Alto’s recently published “Ransomware and Extortion Report,” ransomware groups had a good year in 2022....more
CYBERSECURITY -
Mozilla Releases Security Updates for Thunderbird and Firefox -
Mozilla recently released security updates to address known vulnerabilities in their Thunderbird and Firefox products. The Cybersecurity &...more
1/31/2024
/ Baby Boomers ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Drones ,
Generation Z ,
Location Data ,
Personally Identifiable Information ,
Vulnerability Assessments
CYBERSECURITY -
SEC’s Hacked X Account Leads to Tumultuous Bitcoin Market -
The Securities and Exchange Commission has confirmed that its X account “was compromised, and an unauthorized post was posted.” The SEC...more
1/12/2024
/ 23andMe ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Genetic Materials ,
Hackers ,
Information Governance ,
Personally Identifiable Information ,
Securities and Exchange Commission (SEC) ,
State Data Privacy Laws ,
Twitter
CYBERSECURITY -
New York Governor Proposes Cybersecurity Regulations for NY Hospitals -
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within...more
11/17/2023
/ Artificial Intelligence ,
Consumer Privacy Rights ,
Corporate Sales Transactions ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
FCC ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Identity Theft ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Regulatory Reform
CYBERSECURITY -
Hackers Steal $4.4M Crypto Using Data Linked to LastPass Breach -
According to Bleeping Computer, crypto fraud researchers at ZachXBT, and MetaMask developer Taylor Monahan have reported that on October 25,...more
11/8/2023
/ Artificial Intelligence ,
Biden Administration ,
Cryptocurrency ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Hackers ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Securities and Exchange Commission (SEC) ,
SolarWinds
CYBERSECURITY -
Urgent Joint Cybersecurity Advisory on Atlassian Vulnerability Issued -
The Cybersecurity & Infrastructure Security Agency (CISA), FBI, and MS-ISAC recently released an urgent Joint Advisory on the...more
This week, California’s governor signed a first-in-the-nation law that will impose new regulations on data brokers, requiring such entities to delete personal data pursuant to consumer requests. Data brokers specialize in...more
10/13/2023
/ California ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Data Brokers ,
Data Collection ,
Data Deletion ,
Data Management ,
Data Protection ,
Information Governance ,
New Legislation ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Reform
CYBERSECURITY -
Joint Advisory Warns of Snatch Ransomware -
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of...more
CYBERSECURITY -
Joint Commission Issues Alert on Patient Safety After a Cyber-Attack -
On August 15, 2023, the Joint Commission issued a Sentinel Event Alert entitled “Preserving patient safety after a cyberattack,”...more
An Illinois appellate court has ruled that Apple’s biometric unlock features, including Touch ID fingerprint scanning and Face ID facial geometry scanning, do not violate the state’s Biometric Information Privacy Act (BIPA)....more
1/13/2023
/ Apple ,
Biometric Information ,
Biometric Information Privacy Act ,
Class Action ,
Data Collection ,
Data Privacy ,
Data Storage ,
Facial Recognition Technology ,
Fingerprints ,
Personal Data ,
Personally Identifiable Information ,
Smartphones
A 34-page class action was filed against Blackhawk Network for a data breach that occurred on MyPrepaidCenter.com in September of this year. The plaintiffs allege that Blackhawk Network’s failure to prevent or detect this...more
The City Council of Chula Vista, California (in the San Diego metropolitan area), announced a new policy governing how city law enforcement can use technology to protect residents from data collected by surveillance...more
CYBERSECURITY -
CISA Lists Top CVEs Exploited by Chinese State-Sponsored Cyber Actors -
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued an Alert outlining the top Common Vulnerabilities and...more
10/21/2022
/ Artificial Intelligence ,
China ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Drones ,
Employee Monitoring ,
Geolocation ,
Hackers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Personally Identifiable Information ,
Popular ,
Robots