Litigation and legal developments concerning data breaches.
Mark Rasch writes: When something goes wrong, after exhausting all other possible alternatives, a company may go to its lawyer with the silliest question you can ever ask a lawyer — “Can I sue?” The basic answer is, “if it moves, sue it…” “If it doesn’t move… move it… then sue it…” And when asked, […]
The Oregonian reports: Intel says a former employee downloaded thousands of documents shortly after the company fired him in July, many of them classified as “Top Secret.” Jinfeng Luo lived in Seattle and had worked as a software developer for Intel since 2014, according to a lawsuit the company filed against him in Washington federal […]
In 2022, Illuminate Education, Inc. suffered a major data breach. Now three states have announced a settlement with the edtech vendor. From the California Attorney General Rob Bonta’s office:
Bank Info Security reports: Proposed federal class action litigation is piling up against Conduent Business Solutions following its recent public disclosure that an October 2024 hacking incident potentially compromised personal and health information of more than 10.5 million people. As of Tuesday, at least nine proposed class action lawsuits have been filed since Oct. 27 […]
The Register reports: Russia’s Interior Ministry says police have arrested three suspects it believes helped build and spread the Meduza infostealer. A statement issued by spokesperson Irina Volk via the Ministry’s Telegram channel on Thursday included video footage of all three arrests of men described as “young IT specialists” who are alleged to have helped […]
Yale News reports a settlement stemming from a March, 2025 data breach that the Yale New Haven Health System reported to HHS as impacting 5,556,702 individuals: The Yale New Haven Health System has agreed to finance an $18 million settlement fund in response to a class action lawsuit about a data breach that allowed an unauthorized third […]
Insurance Business Magazine reports: A Texas woman has sued Goosehead Insurance Agency over a data breach that exposed sensitive customer information, alleging the company waited seven months to sound the alarm. Jayda Slaughter filed the proposed class action in federal court on October 24, claiming the national insurance agency’s network was infiltrated in early March […]
GGR Asia reports: The operator of the casino resort Marina Bay Sands in Singapore has been fined SGD315,000 (US$243,200) in relation to a data breach that took place in 2023 and involved the personal data of more than 665,000 clients. Singapore’s Personal Data Protection Commission (PDPC) said in an announcement on Tuesday that it had “imposed a […]
TechTarget reports: Integris Health settled a class action data breach lawsuit to resolve claims alleging that it failed to protect the sensitive data of its patients. The data breach in question occurred in November 2023, impacting nearly 2.4 million individuals, including 224,000 minors. The Oklahoma-based health system, which operates 16 hospitals and other healthcare facilities throughout the […]
Given how many breaches are at third-party service providers this year, guidance on dealing with vendors with an eye towards cybersecurity seems timely. October 21, 2025 New York State Department of Financial Services (DFS) Acting Superintendent Kaitlin Asrow today issued new cybersecurity guidance addressing the risks associated with entities becoming increasingly reliant on third-party service […]
