LATEST POST
OCR Enters into Two More Settlements for Failure to Conduct Security Risk Assessments
The Office for Civil Rights (OCR) entered into two recent settlements with HIPAA covered entities alleging that they failed to conduct security risk assessments. Robinson & Cole LLP discusses the enforcement actions. Deer Oaks On July 7, 2025, OCR announced a settlement with Deer Oaks, a behavioral health provider, for alleged violations of HIPAA. The settlement resolves […]
UK police arrest four in connection with M&S, Co-op and Harrods cyberattacks
Reuters reports law enforcement in the UK has arrested four young people believed to be part of the Scattered Spider group that crippled high-end retailers earlier this year: Four people have been arrested as part of a police investigation into cyberattacks that disrupted the operations of retailers Marks & Spencer, the Co-op and Harrods, Britain’s […]
North Dakota’s New InfoSec Requirements for Financial Corporations
Earlier this year, North Dakota’s Governor signed HB 1127, which imposes new obligations for financial corporations operating in North Dakota. The law will take effect on August 1, 2025. From JacksonLewis, an explainer on the new law’s requirements for a comprehensive, written information security programs: Read more of the required elements at Workplace Privacy, Data Management & […]
Don’t Delay! California Likely to Soon Require Data Breach Notifications to be Provided to Consumers Within 30 Days
Attorneys at Fisher Phillips write: Read more at JDSupra.
Obligations under Canada’s data breach notification law
Data breach notification law is governed by the Personal Information and Electronic Documents Act (PIPEDA). This federal law regulates the handling of personal information during commercial transactions. This includes the collection, use, and disclosure of personal data. As Lexpert explains, by extension, this also includes the storage of information while in use: Read more at […]
Kelly Benefits updates its breach disclosure: 550,000 people affected
SecurityAffairs reports: Benefits and payroll solutions firm Kelly Benefits has confirmed that a recent data breach has affected 550,000 individuals. As the investigation continued, the scale of the impact expanded, revealing that more people were affected than initially believed. The U.S.-based company provides benefits, payroll, and workforce management solutions to businesses. In April, Kelly Benefits disclosed a data breach where […]
Luxury brand Louis Vuitton Korea reports data breach
A third luxury brand owned by LVMH has announced that they were the victim of a cyberattack affecting customer data.. The Economic Times reports: Louis Vuitton has become the latest luxury brand in South Korea to suffer a data breach, according to the company on Friday, following recent similar cases involving Dior, Tiffany and Cartier in the […]
South Korea penalises ‘negligent’ SK Telecom over major data breach
SK Telecom has been hit with a number of orders and penalties in the wake of a data breach affecting more than 20 million of its customers. In May, the Personal Information Protection Commission ordered the carrier to send individual notifications to customers whose personal information was breached. Now the government has determined that SK […]