On July 26, 2022, the attorneys general of New Jersey, Pennsylvania, Delaware, Maryland, Virginia, Florida and Washington D.C. announced an $8 million multistate settlement with Wawa Inc. that resolves the states’ investigation into a 2019 data breach that compromised approximately 34 million payment cards used by consumers at Wawa stores and fueling locations.
Continue Reading Wawa Inc. Settles Multi-State AG Breach Investigation for $8 Million

On January 18, 2022, New Jersey Governor Phil Murphy signed into law Assembly Bill No. 3950, requiring employers to provide written notice to employees prior to the use of tracking devices in vehicles used by employees. The Act will go into effect on April 18, 2022.
Continue Reading New Jersey Requires Employers to Notify Employees of the Use of Tracking Devices

Earlier this month, the New Jersey Acting Attorney General Andrew Bruck announced that its Division of Consumer Affairs had reached a $425,000 settlement with three New Jersey-based providers of cancer care over alleged failures to adequately safeguard patient data.
Continue Reading NJ Acting Attorney General Announces $425,000 Fine to Settle Breach Investigation

On October 12, 2021, New Jersey Acting Attorney General Andrew J. Bruck and the Division of Consumer Affairs announced a settlement with Diamond Institute for Infertility and Menopause, LLC over a data breach that compromised the personal information of 14,663 patients, including 11,071 New Jersey residents. The Division of Consumer Affairs alleged that the fertility clinic violated the New Jersey Consumer Fraud Act and the federal HIPAA’s Privacy and Security Rules by removing protected health information safeguards.
Continue Reading New Jersey Acting Attorney General Announces Data Breach Settlement with Fertility Clinic

On May 10, 2019, New Jersey Governor Phil Murphy signed into law a bill that amends the state’s data breach notification law to recognize online account information as personal information. This blog entry provides an overview of the amendment.
Continue Reading New Jersey Amends Data Breach Law to Include Online Account Information

On September 7, 2018, the New Jersey Attorney General announced a settlement with data management software developer Lightyear Dealer Technologies, LLC resolving an investigation by the state Division of Consumer Affairs into a data breach that exposed the personal information of car dealership customers in New Jersey and across the country.
Continue Reading Software Company Settles with New Jersey AG Over Data Breach

On August 3, 2018, California-based Unixiz Inc. agreed to shut down its “i-Dressup” website pursuant to a consent order with the New Jersey Attorney General, which the company entered into to settle charges that it violated the Children’s Online Privacy Protection Act and the New Jersey Consumer Fraud Act. The consent order also requires Unixiz to pay a civil penalty of $98,618.
Continue Reading Unixiz Agrees to Settle Charges Under COPPA and the New Jersey Consumer Fraud Act