Litigation and legal developments concerning data breaches.
Pharmacy Times reports: In January 2021, a nationwide mail-order pharmacy located in Massachusetts experienced a data breach. The pharmacy discovered the breach in May 2021 and investigated to determine its scope. Personally identifiable information (PII), including names and Social Security numbers for more than 75,000 customers, was breached. In February 2022, 9 months after the […]
From Covington and Burling: Read more at Inside Privacy.
From attorneys at Jackson Lewis: On June 20, 2025, Texas Governor Greg Abbott signed SB 2610 into law, joining a growing number of states that aim to incentivize sound cybersecurity practices through legislative safe harbors. Modeled on laws in states like Ohio and Utah, the new Texas statute provides that certain businesses that “demonstrate[] that at the time […]
Foley & Lardner has updated a resource on state laws. From their website:
The Daily Record reports an appellate decision that is probably quite a relief to Marriott International: The U.S. Court of Appeals for the 4th Circuit has reversed a lower Maryland court’s recertification of plaintiff classes in a pair of consolidated lawsuits filed against Marriott and an information technology service provider for a 2018 data breach, handing down a major […]
Is this becoming a growing trend with more people signing up for every class action lawsuit they might be eligible for? How much money can you get this way? WIRED reports: In early April of this year, after more than a decade of litigation and a $90-million settlement, Mark Zuckerberg sent me forty bucks on Venmo. […]
DataBreaches.net reports: He’s just a frail-looking teenager, but he sent threatening emails to get his victims to pay his extortion demands. Today, 19 year-old Assumption College student Matthew Lane waived indictment and pleaded guilty in a Worcester courtroom to hacking an unnamed telecom company and an unnamed edtech vendor, widely known to be PowerSchool. As per the plea […]
From Jackson Lewis’s Workplace Privacy, Data Management & Security Report: The Oklahoma State Legislature recently enacted Senate Bill 626, amending its Security Breach Notification Act, effective January 1, 2026, to address gaps in the state’s current cybersecurity framework (the “Amendment”). … In the new year, entities required to provide notice to impacted individuals under the […]
Vodafone GmbH has been hit with a massive fine by the German data protection agency for privacy and data security violations. BleepingComputer reports: The German data protection authority (BfDI) has fined Vodafone GmbH, the telecommunications company’s German subsidiary, €45 million ($51.4 million) for privacy and security violations. “Due to malicious employees in partner agencies who […]
A press release from the U.S. Attorney’s Office, Eastern District of New York:
