Lehigh Valley Health Network (LVHN) has agreed to settle a class action filed against it following a February 2023 ransomware attack that compromised personal information of patients, including medical and treatment information, health insurance information and, for some individuals, social security numbers, driver’s license numbers, and banking information. For a limited number of individuals, the
Enforcement + Litigation
Members of International Sextortion Ring Charged for Stealing $2M From Victims
According to the FBI, it has “seen a huge increase in the number of cases involving children and teens being threatened and coerced into sending explicit images online,” also known as sextortion.
In some cases, the criminal will threaten the teen that they have a revealing picture or video and that they will share…
Labor Union Faces Class Action for Data Breach
A class action complaint was filed against the International Brotherhood of Electrical Workers (IBEW) labor union for a data breach that occurred between March 31 and April 5, 2024. IBEW represents individuals who work in a wide variety of fields, including utilities, construction, telecommunications, broadcasting, manufacturing, railroads, and government. The security incident resulted in unauthorized…
Biometric Data Collection Leads to Class Action Lawsuit under Illinois Privacy Law
Candid Color Systems Inc., based in Oklahoma, faces a class action lawsuit for its alleged violations of the Illinois Biometric Information Privacy Act (BIPA). Candid Colors offers marketing services to photographers, including photo-matching technology that allows consumers to identify all of the photos taken of a particular student at a graduation ceremony.
The complaint, filed…
Texas AG Sues General Motors for Illegal Data Collection
This week, Ken Paxton, the Texas Attorney General, filed suit against General Motors for alleged violations of the Texas Deceptive Trade Practices Act in collecting and selling drivers’ data to insurers without consumer consent.
In June, the Attorney General’s office announced an investigation into several car manufacturers for alleged collection of mass amounts of data…
Illinois Biometric Information Privacy Act Amendment May Make Waves in Litigation Trends
Last week, Illinois Governor JB Pritzker signed S.B. 2979 to amend the Biometric Information Privacy Act (BIPA) immediately to define the repeated collection of the same biometric data without consent as a SINGLE, COLLECTIVE violation of the Act–this is a significant change. The precedent set by the Illinois Supreme Court in February 2023 in Cothron…
David’s Bridal Hit with Class Actions Over Two Data Breaches
This week, two class actions were filed in the U.S. District Court for the Eastern District of Pennsylvania against David’s Bridal based on two data breaches. The actions allege that David’s Bridal failed to protect the personal information of employees and customers.
In January 2024, David’s Bridal suffered a ransomware attack instigated by ransomware group…
EPA Notice of Violation Letters Phishing Scam
Thank you to Jon Schaefer for this post. Jon focuses his practice on environmental compliance counseling, occupational health and safety.
On July 30, 2024, the U.S. EPA Office of Inspector General issued a fraud alert to bring attention to an increasing number of companies reporting that they have received fraudulent EPA Notice of Violation…
California Privacy Protection Agency Announces Additional Enforcement Focuses
The regulatory enforcement agency for the California Consumer Privacy Act, as amended by the California Privacy Rights Act (collectively, the CCPA), the California Privacy Protection Agency (CPPA) announced additional enforcement focuses this week, including an emphasis on dark patterns on businesses’ websites. Michael Macko, Deputy Director of the CPPA, said, “The number of investigations we…
CDK Car Dealership Software Breached, Lawsuits Filed
Last month, multiple car dealerships and auto repair shops filed federal lawsuits against CDK Global LLC, a technology company providing software to the automotive, heavy truck, recreation, and heavy equipment industries, as a result of a data breach that caused its dealership management software systems to be out of commission.
The incident occurred last month…