Social Security Number

Earlier this month, the Federal Trade Commission reached a $1.5 million settlement with loan application company ITMedia Solutions LLC over alleged violations of the FTC Act and Fair Credit Reporting Act. The FTC alleged that ITMedia deceptively acquired and indiscriminately shared consumers’ sensitive personal information under the guise of connecting them with lenders.
Continue Reading FTC Settles with Loan Application Company Over Alleged Misuse of Sensitive Personal Information

Earlier this month, the New Jersey Acting Attorney General Andrew Bruck announced that its Division of Consumer Affairs had reached a $425,000 settlement with three New Jersey-based providers of cancer care over alleged failures to adequately safeguard patient data.
Continue Reading NJ Acting Attorney General Announces $425,000 Fine to Settle Breach Investigation

On October 12, 2021, New Jersey Acting Attorney General Andrew J. Bruck and the Division of Consumer Affairs announced a settlement with Diamond Institute for Infertility and Menopause, LLC over a data breach that compromised the personal information of 14,663 patients, including 11,071 New Jersey residents. The Division of Consumer Affairs alleged that the fertility clinic violated the New Jersey Consumer Fraud Act and the federal HIPAA’s Privacy and Security Rules by removing protected health information safeguards.
Continue Reading New Jersey Acting Attorney General Announces Data Breach Settlement with Fertility Clinic

On June 15, 2021, the SEC announced it settled charges against real estate services company First American Financial Corporation (“First American”) for alleged violation of Rule 13a-15(a) of the Exchange Act. The SEC charged First American with failure to maintain disclosure controls and procedures designed to ensure that all available, relevant information concerning a software vulnerability that led to a cybersecurity incident was filed with the Commission.

Continue Reading SEC Settles Charges Against Real Estate Services Company Over Control Failures Related to Cybersecurity Disclosure

On September 30, 2020, Anthem, Inc., entered into an assurance of voluntary compliance with the attorneys general of 42 states and the District of Columbia to resolve claims under state and federal law relating to Anthem’s 2015 data breach of personal information and protected health information, the largest breach of PHI in history.
Continue Reading 42 States and District of Columbia Enter into $39.5 Million Agreement with Anthem to Settle Breach-Related Claims

On May 4, 2020, Californians for Consumer Privacy (the group behind the ballot initiative that inspired the CCPA) announced that it had collected over 900,000 signatures to qualify the California Privacy Rights Act for the November 2020 ballot.
Continue Reading BREAKING: Californians for Consumer Privacy Introduces California Privacy Rights Act for November 2020 Ballot