Pennsylvania

Subscribe to Pennsylvania via RSS

While California’s wiretapping statute, the California Invasion of Privacy Act (CIPA), tends to dominate the conversation about the recent rise in wiretapping litigation, plaintiffs are also turning to other states’ wiretapping laws to target web tracking and session-replay tools. The U.S. Court of Appeals for the Third Circuit recently held that a website visitor could

On January 1, 2026, broad new privacy laws will take effect in Kentucky, Indiana, and Rhode Island, granting consumers in those states greater control over their personal data. With these additions, 19 states now have comprehensive privacy laws in place, which is a significant shift in the data privacy landscape since California led the way in 2018 with the

On August 11, 2025, the Pennsylvania Office of Attorney General (PA AG) issued a statement on its Facebook account regarding a cyber incident that had affected PA AG systems, including its website, email accounts, and phone lines.

The PA AG has not shared a specific cause of the incident. However, security researcher Kevin Beaumont recognized

EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected 2.1 million people.

The settlement is with the AGs of Florida, New Jersey, Oregon, and Pennsylvania. The breach occurred when threat actors infiltrated EyeMed’s

California is the gold standard for state privacy laws, having recently enacted the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia and Colorado also have enacted comprehensive privacy laws, which will take effect in 2023. Recently, the International Association of Privacy Professionals (IAPP) released its state privacy legislation tracker.

Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of approximately 72,000 residents collected for the Department of Health’s (DoH) contact tracing program.

According to the (DoH), employees of the vendor created documents

It is being reported by Cointelegraph that ransomware group Netwalker is offering for sale data it exfiltrated from Pennsylvania based Crozer-Keystone Health System after the system declined to pay the requested ransom.

According to the report, Netwalker offered to sell the data through its darknet website for six days and if no one buys it,

Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain between April and August 2019 may have been compromised. In a press release, On the Border representatives said, “Our

Two law firms were among the latest victims of the GozNym malware attack that caused a combined loss of more than $117,000. Law enforcement authorities recently announced the dismantling of a cybercrime network that used this GozNym malware to attempt to steal an estimated $100 million from victims in the United States and around the