According to a press release, Personal Touch, a home health company located on Long Island, has reached a settlement with New York Attorney General Letitia James for $350,000 for a data breach that occurred in January of 2021 when a Personal Touch employee “opened a malware-infected file attached to a phishing email that allowed
Data Breach
State Bar of Georgia Reveals Security Incident to Employees and Members
The State Bar of Georgia recently disclosed that it was the victim of a cybersecurity incident in April 2022, when an unauthorized individual accessed its systems and compromised the data of current and former employees and “some members of the State Bar.”
The incident included unauthorized disclosure of individuals’ names, addresses, dates of birth, Social…
ParkMobile Can’t Escape Data Breach Class Action
The class action lawsuit will continue against ParkMobile LLC for a data breach that affected 21 million users of the parking app (Baker v. ParkMobile LLC).The ParkMobile app allows users to pay for parking without having to use a traditional meter. The complaint alleges that ParkMobile was negligent in its safeguarding of consumer…
Neopets Breach Affects 69M Users
What is Neopets, you ask? It is a virtual pet website that gives members the ability to “own, raise, and play games with their virtual pets.” According to BleepingComputer, Neopets has experienced a data breach which has exposed the data of up to 69 million Neopets users. That is not an issue when you…
SuperCare Health Hit with Another Data Breach Class Action
In the U.S. District Court for the Central District of California last week, SuperCare Health, Inc. was hit with another proposed class action based on a data breach that allegedly compromised the personal and health information of over 300,000 current and former patients. SuperCare Health is a respiratory-care provider.
Lead plaintiff, Hamid Shalviri, alleges that…
Mailchimp Suffers a Data Breach
This week we learned that the email and social media marketing company Mailchimp suffered a data breach that allowed an intruder to view 319 Mailchimp accounts. According to multiple sources, audience data were accessed from 102 of those accounts.
It was reported that the threat actor was able to breach Mailchimp’s systems through social engineering…
Privacy Tip #321 – California AG Warns Consumers About ID Theft from T-Mobile Breach
On March 2, 2022, California Attorney General Rob Bonta urged individuals affected by the T-Mobile breach in 2021 to take advantage of resources to assist with preventing or responding to identity theft. According to the consumer alert, more than 53 million individuals were affected by the breach, including over 6 million California residents. The compromised…
Reporting of Breaches Under 500 Due by March 1
HIPAA requires covered entities and business associates to report to the Office for Civil Rights (OCR) all breaches of unsecured protected health information when the incident involves fewer than 500 individuals no later than 60 days following the calendar year in which the breach occurred.
This year, the deadline for reporting breaches that occurred in…
If Your Disclosure of a Data Breach Was “Late,” You May Have to Litigate
A professional accounting firm in Illinois received an unwanted holiday “gift” in the form of a class action complaint stemming from its alleged failure to secure personally identifiable information (PII) and to timely notify affected parties of a data breach.
On December 17, 2021, a lawsuit was filed against Bansley & Kierner, LLP, which offers…
District Court Enforces DOL Investigative Subpoena Against Plan Service Provider Concerning Alleged Cybersecurity Breaches
A federal District Court judge in Illinois sided with the U.S. Department of Labor (DOL) in ordering Alight Solutions, LLC, an ERISA plan services provider, to comply with an administrative subpoena seeking documents pertaining to alleged cybersecurity breaches. The Court’s order in the case, Walsh v. Alight Solutions, LLC, Dkt. # 20-cv-02138 (N.D. Ill.), is…