SentinelOne researchers have discovered AkiraBot, which is used to target small- to medium-sized company websites with generative AI, and drafted outreach messages for website chats, comments, and contact forms. SentinelOne estimates that over 400,000 websites have been targeted, and the bot has successfully spammed “at least 80,000 websites since September 2024.”

The bot generated

Wired has reported that several government officials involved in the Signal chat exposing sensitive national security plans have also exposed their Venmo accounts by not adjusting their account privacy settings to prohibit the information from being publicly accessible. This means that they “left not only their contact lists publicly visible but also their transactions, which

On March 27, 2025, a class action lawsuit was filed against the education technology (EdTech) company Instructure, the parent company of Canvas, a popular learning management system. The complaint alleges that Instructure violated children’s federal and state privacy rights. According to the complaint, Instructure states that it collects various account information about children, including name

Last week, we explored a recent data breach class action and the litigation risk of such lawsuits. Companies need to be aware of litigation risk not only arising from data breaches, but also from shareholder class actions related to privacy concerns.

On March 5, 2025, a class action securities lawsuit was filed against AppLovin Corporation

The California Privacy Protection Agency (CPPA) the agency responsible for implementing and enforcing the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) (collectively the CCPA), protecting consumer privacy, and ensuring compliance with data privacy regulations, has announced an investigate sweep into companies’ collection of sensitive location data. The CPPA has already

Last week, a class action was filed against NewsBank, Inc., a Florida-based news database company, related to a 2024 breach of employee personal information.

NewsBank provides a database of archived news publications utilized by libraries, higher education institutions, and other organizations. NewsBank suffered a security incident affecting its employees’ personal information between June and July

The Department of Government Efficiency’s (DOGE) staggering unfettered access to all Americans’ personal information is highly concerning. DOGE employees’ access includes databases at the Office of Personnel Management, the Department of Education, the Department of Health and Human Services, and the U.S. Treasury.

If you want more information about the DOGE employees who have

According to a highly critical article recently published by TechCrunch,  the Department of Government Efficiency (DOGE), President Trump’s advisory board headed by Elon Musk, has “taken control of top federal departments and datasets” and has access to “sensitive data of millions of Americans and the nation’s closest allies.” The author calls this “the biggest

If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer names, email addresses, telephone numbers, and partial payment information for a subset of campus diners.

GrubHub’s response states, “The unauthorized party also