The Pennsylvania State Education Association (PSEA) faces a class action resulting from a July 2024 data breach. The proposed class consists of current and former members of the union as well as PSEA employees and their family members. The lawsuit alleges that the union was negligent and breached its fiduciary duty when it suffered a
Pennsylvania
EyeMed Pays Four State AGs $2.5M for Data Breach
EyeMed Vision Care, LLC has agreed to settle allegations lodged against it by four state Attorneys General for $2.5 million stemming from a data breach that occurred in 2020 and effected 2.1 million people.
The settlement is with the AGs of Florida, New Jersey, Oregon, and Pennsylvania. The breach occurred when threat actors infiltrated EyeMed’s…
At Least 22 States Have Consumer Privacy Legislation Pending – Will 2022 Be the Year for More State Privacy Laws?
California is the gold standard for state privacy laws, having recently enacted the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). Virginia and Colorado also have enacted comprehensive privacy laws, which will take effect in 2023. Recently, the International Association of Privacy Professionals (IAPP) released its state privacy legislation tracker.…
Contact Tracing Vendor Loses State Contract Over Data Breach
Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of approximately 72,000 residents collected for the Department of Health’s (DoH) contact tracing program.
According to the (DoH), employees of the vendor created documents…
Crozer-Keystone Health System Data for Sale Online by Attackers
It is being reported by Cointelegraph that ransomware group Netwalker is offering for sale data it exfiltrated from Pennsylvania based Crozer-Keystone Health System after the system declined to pay the requested ransom.
According to the report, Netwalker offered to sell the data through its darknet website for six days and if no one buys it,…
On the Border Restaurant Suffers Data Breach
Last week, the Tex-Mex restaurant chain On the Border suffered a data breach that impacted its payment acceptance systems in 27 states. The restaurant says that some credit card information of customers who visited the chain between April and August 2019 may have been compromised. In a press release, On the Border representatives said, “Our…
GozNym Malware Attack Hits Two Law Firms for Over $117K in Losses
Two law firms were among the latest victims of the GozNym malware attack that caused a combined loss of more than $117,000. Law enforcement authorities recently announced the dismantling of a cybercrime network that used this GozNym malware to attempt to steal an estimated $100 million from victims in the United States and around the…
New Pennsylvania Law Imposes Fine for Using Drones to Spy
On October 12, 2018, Pennsylvania approved a new law that imposes criminal penalties on individuals who use drone to spy on others. The law takes effect in 60 days.
Under this law, the state may impose a fine of up to $300 on any individual who uses a drone to invade another person’s privacy or…
Update on the FAA Reauthorization Bill
On April 13, 2018, the U.S. House Transportation and Infrastructure Committee (Committee) leadership introduced a five-year Federal Aviation Administration (FAA) reauthorization bill, FAA Reauthorization Act of 2018 (H.R. 4) (the Act). This bipartisan Act focuses on stabilization of the FAA with consistent funding instead of efforts to reform the air traffic control system. The Act…
Walmart’s Patent for Drone Customer Service
Walmart recently filed a patent for drones to aid their shoppers inside their stores –that is, a shopper would use a mobile device, provided by the store, to request a drone, and then direct the drone to conduct a price verification of a product or to guide the customer to a particular product through the…