A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
At the end of March, Washington, D.C. signed the Security Breach Protection Amendment Act of 2019, which adds some significant changes to D.C.’s existing data breach law, first enacted in 2007. The law is projected to take...more
Massachusetts’ breach notice law has been amended, requiring companies who suffer a data breach to provide more information to the Attorney General about the incident. The law will go into effect in a month, on April 11,...more
The Governor of Massachusetts has just signed into law amendments to the state’s data breach notification law. The amendments will go into effect April 11, 2019. Under the amended law, companies whose breaches involve Social...more
There is a little-known provision from a new federal law that will most likely impact your hiring practices and your standard hiring documents—and it kicked in last Friday. As of September 21, all employers must update their...more
In an age where data is widely available and almost everything is stored online, data breaches are becoming more common, and the outcomes of cases involving data breaches are unpredictable. Data involved in a breach can range...more
A bi-partisan privacy and data security bill, which will significantly impact companies with North Carolina employees, is in the works. North Carolina State Representative Jason Saine (R), Appropriations Chairman of...more
A North Carolina bill designed to strengthen the state’s data breach notification statute could radically change incident response. Through the Act to Strengthen Identity Theft Protections, North Carolina could quickly become...more
As we all know, over the past few years there have been a host of data breaches by entities that most of us expected would safeguard that information. The latest loss of roughly 150 million Americans' personal information is...more
On August 17, 2017, Delaware amended its personal information protection law, Delaware Code Title 6, Chapter 12B. The amendment becomes effective 240 days after enactment or March 14, 2018. The amended law significantly...more
We’ve all gotten them–the dreaded letter that informs us that our data has been compromised, including our Social Security number. Some have received so many of these “notifications” that they are de-sensitized, throw their...more
Connecticut’s data breach notification law currently requires notification “without unreasonable delay.” Effective October 1, 2015, Connecticut will (a) require notice of any breach of security not only “without unreasonable...more
The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more
Lawyers for former employees of Sony Pictures Entertainment (“SPE”) indicated in a September 2, 2015 filing that they have tentatively reached a settlement with SPE in the class action suit resulting from the data breach...more
Exellus BlueCross BlueShield has announced that the personal information of at least 10 million members has been compromised in a “very sophisticated” cyberattack that occurred on December 23, 2013 and was discovered by the...more
The Office of Personnel Management (OPM) and the Defense Department announced this week that a Portland, OR based vendor has been selected to assist with breach notification and credit assistance for the almost 22 million...more
On August 17, 2015, the Internal Revenue Service (“IRS”) announced that a breach of U.S. taxpayers’ personal information, first disclosed in May, was three times worse than previously thought. While initial reports indicated...more
The list of companies hit by cyber-attacks continues to grow. This time, Florida-based web hosting company, Web.com, has announced that it suffered a data breach that may have compromised credit card information and other...more
It’s 6 p.m. on a Friday and you get a call from your IT department. They have detected that an intruder has gained access to your company’s network. At this point, the headlines from the major data breaches of recent years...more
In January 2014, luxury retailer Neiman Marcus disclosed that it had suffered a cyberattack in which hackers may have gained access to 350,000 credit and debit cards used at its stores in late 2013. Plaintiffs, all of whom...more
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more