Litigation and legal developments concerning data breaches.
Seen at Epstein Becker Green’s Health Law Advisor: New York State appears poised to become the fourth state to explicitly regulate consumer health data not covered by the federal Health Insurance Portability and Accountability Act (HIPAA). In May of 2023, Washington State enacted the My Health My Data Act; in June of 2023, Connecticut amended […]
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced a $1,500,000 civil money penalty against Warby Parker, Inc., a manufacturer and online retailer of prescription and non-prescription eyewear, concerning violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule, following the receipt of a breach […]
The HIPAA Journal reports: A District Court Judge has set a March 2025 deadline for Change Healthcare to file motions to dismiss certain claims raised in multiple complaints in response to its February 2024 ransomware attack and data breach. In February 2024, Change Healthcare suffered a ransomware attack that resulted in file encryption and the […]
2023 was a bad year for commercial file transfer software apps because the Clop ransomware gang kept managing to find zero-day vulnerabilities to exploit. One of their campaigns involved Fortra’s GoAnywhere software. Even though Fortra issued a patch for CVE-2023-0669 within a week of discovery, there were many victims, including Brightline. Now TechTarget reports that […]
Courthouse News Service has an update on the Cambridge Analytica settlement. The Ninth Circuit Court of Appeals ruled Thursday afternoon that a federal court did not abuse its discretion in 2023 when it approved a $725 million settlement between Facebook, Inc. — now known as Meta — and a settlement class concerning the Cambridge Analytica scandal, an event in which […]
MediaNama reports: India needs a threshold-based system for data breach reporting, speakers argued at MediaNama’s discussion on the draft Digital Personal Data Protection Rules (DPDP Rules, 2025) on February 7. This came as a comment during the session on the draft rules around data breaches. MediaNama conducted this discussion under the Chatham House Rule. (Chatham […]
The Record reports; Police in the Netherlands say they seized 127 servers this week that were used by Zservers, a bulletproof hosting service that was the subject of international sanctions issued Tuesday. The raid on Wednesday at the Paul van Vlissingenstraat data center in Amsterdam “followed a long-term digital investigation into the activities of a […]
WGTC reports: Attorney General William Tong has announced that Connecticut is joining several other states in filing a lawsuit against Donald Trump’s administration and the overreach of his Elon Musk-led Department of Government Efficiency. Tong is one of 19 Democratic attorneys general who have sued Trump in an effort to block Musk from accessing the systems […]
Here are just two of many recent proposed settlements in data breach litigation: Arthur J. Gallagher & Co. and and Gallagher Bassett Services, Inc. Settlement: Arthur J. Gallagher & Co. agreed to a $21 million class action lawsuit settlement to resolve claims it failed to prevent a 2020 data breach that compromised sensitive employee and client […]
Privilege Under Pressure: The Shifting Data Breach Investigation Landscape
From the law firm of Greenberg Traurig: Read more about recent federal cases that are posing challenges to claiming attorney-client privilege or work product doctrine at The National Law Review.