Litigation and legal developments concerning data breaches.
Top Class Actions reports: Navvis and SSM Health have agreed to a $6.5 million class action lawsuit settlement to resolve claims that they failed to prevent a 2023 data breach that compromised sensitive patient information. The SSM Health settlement benefits anyone whose private information was compromised in the Navvis and SSM Health data breach between […]
It is important to review any contract with a vendor or business associate in terms of who will be responsible for notifying affected customers or patients of any breach. A post by Robinson + Cole discusses a lawsuit stemming from a dispute over the responsibility of a business associate following a breach. According to the […]
Seen at SheppardMullin: The U.S. Department of Justice (DOJ)’s new data security rule went into effect April 8, 2025. The rule creates what are effectively export controls and requires companies to take measures to prevent U.S. sensitive personal and government-related data from falling into the hands of foreign adversaries. The rule targets transactions (including data […]
Top Class Actions reports: Retina Group of Washington (RGW) has agreed to a $3.6 million class action lawsuit settlement to resolve claims that it failed to prevent a 2023 data breach. The Retina Group of Washington settlement benefits anyone whose personal information was potentially accessible in the company’s data breach on March 26, 2023. The […]
Ashurst reports: On 4 December 2023, the Queensland Parliament gave assent to the Information Privacy and Other Legislation Amendment Act 2023 (Qld) (Act), with privacy reforms to the Information Privacy Act 2009 (Qld) (IP Act) to commence 1 July 2025. You can read more about that here. In Queensland it has not been compulsory for agencies to notify the Office […]
Department Answers Frequently Asked Questions, Provides Guidance, and Issues Limited Enforcement Policy for First 90 Days Today, the Justice Department took significant steps to move forward with implementing a critical program to prevent China, Russia, Iran, and other foreign adversaries from using commercial activities to access and exploit U.S. government-related data and Americans’ sensitive personal […]
TechCrunch reports: Democratic Sen. Ron Wyden has put a hold on the Trump administration’s nomination of Sean Plankey to head the federal government’s top cybersecurity agency, citing a “multi-year cover up” of security flaws at U.S. telecommunication companies. Wyden said in remarks, seen by TechCrunch and confirmed by the senator’s spokesperson, that he will block the nomination […]
The WilmerHale law firm provides a recap of trends in 2024: One of the main risks for a company in the event of a data breach is the threat of litigation. Data breach litigation continued to proliferate in 2024, as it has in prior years. In the past year, plaintiffs continued to seek relief following […]
TipRanks reports: Medibank Private Ltd. is responding to a Federal Court decision regarding a consumer class action linked to a 2022 cybercrime event. The court ruled that Deloitte’s reports were not protected by legal professional privilege, while Medibank’s claims for privilege on other reports were upheld. Medibank plans to appeal the decision concerning the Deloitte reports, which […]
BakerHostetler launches 2025 Data Security Incident Response Report
BakerHostetler has released its 2025 Data Security Incident Response Report, which provides insight and analysis from more than 1,250 data security incidents managed by the firm this past year. Their report features a deep dive into critical components of security incidents (e.g., response timeline, average ransom payment amount, frequency of litigation) as well as an examination of […]