EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected 2.1 million people.

The settlement is with the AGs of Florida, New Jersey, Oregon, and Pennsylvania. The breach occurred when threat actors infiltrated EyeMed’s

Private employers in New Jersey need to be aware of the latest employee privacy law that will take effect on April 18, 2022. A3950 prohibits employers from knowingly using a “tracking device” in a vehicle used by an employee without providing written notice to the employee.

Employers that violate this new law can be subject

California is the gold standard for state privacy laws, having recently enacted the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia and Colorado also have enacted comprehensive privacy laws, which will take effect in 2023. Recently, the International Association of Privacy Professionals (IAPP) released its state privacy legislation tracker.

One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for HIPAA violations. The old double whammy.

States enforce those rights sparingly, but New Jersey is getting itself on the map

This week, Volkswagen AG’s U.S. entity and its Audi brand were hit with a class action for a data breach that allegedly compromised 3.3 million consumers’ personal information. In the U.S. District Court for the District of New Jersey, a California consumer filed a suit against the automakers on behalf of other current and prospective

On December 18, seven states have entered into a settlement agreement with e-retailer Cafe-Press for $2 million stemming from a 2019 data breach that exposed information of approximately 22 million consumers. The breach affected consumers’ personal information, including usernames and passwords, Social Security numbers, and/or Taxpayer Identification numbers.

Of the $2 million, $750,000 will be

Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain between April and August 2019 may have been compromised. In a press release, On the Border representatives said, “Our

Last week, reports of “drone activity” temporarily halted flights at the Newark Liberty International Airport in New Jersey. The Federal Aviation Administration (FAA) had to briefly hold arrivals due to “reports of drone activity north of the airport earlier that evening.” The airport had to coordinate with the FAA and federal law enforcement authorities to

The New Jersey Attorney General’s office announced this week that it has fined Virtua Medical Group, which is comprised of more than 50 medical practices in New Jersey, for failing to protect the privacy of 1,650 patients when their medical information was accessible online.

The information was uploaded to a password-protected FTP website, but during

Last week, the New Jersey state assembly passed legislation, Assembly Bill 520 (the Bill), that provides for fines and prison terms for individuals convicted of unsafe and/or prohibited unmanned aerial systems (UAS or drone) operations. Specifically, the Bill will provide for up to six months in jail and fines of up to $1,000 for a