Leveraging Knowledge to Manage Your Data Risks
A new, yet old, scheme has been quite successful and users should beware. If you get an account change message from Apple, be on high alert that it is fake and malicious.
According to Bleeping Computer, the scheme involves a threat actor using an Apple support email (e.g., appleid@id.apple.com) to send phishing emails to…
I have very fond memories of using a Eurail pass back in the day while backpacking through Europe as a student. I was saddened to see that Eurail was the victim of a data breach in December 2025 when attackers obtained access to travelers’ full names and contact information, including email addresses, passport details, ID…
On January 1, 2026, broad new privacy laws will take effect in Kentucky, Indiana, and Rhode Island, granting consumers in those states greater control over their personal data. With these additions, 19 states now have comprehensive privacy laws in place, which is a significant shift in the data privacy landscape since California led the way in 2018 with the…
700Credit, a Michigan-based company that runs credit checks and identification verification services for automobile dealerships nationwide, has announced that an “integrated partner” was compromised, allowing a bad actor to obtain unauthorized access to its network of information about individuals whose credit the company checked. The incident was discovered on October 25, 2025.
Michigan officials confirmed…
A recent federal court decision in Adam v. CaringBridge, Inc., No. 25-cv-06042-WHO, 2025 WL 3493565 (N. Cal. Dec. 5, 2025), offers a cautionary tale for plaintiffs in privacy class actions, and a strategic playbook for defendants. Even where a case is properly filed in California (the home turf for many privacy statutes and plaintiffs)…
Malwarebytes recently reported that it has found scammers hijacking websites of name brands, including banks, software companies, and social media platforms to trick victims into calling a fraudulent telephone number instead of a 24/7 support line.
According to Malwarebytes:
Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a…
After writing over 500 privacy tips in my career, it gets a little difficult to find new content to keep the tips relevant and timely. I came across a recent post by the CyberGuy, Kurt Knutsson, that I thought our readers would get some insightful tips from, including up to date ideas on how…
Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents, spreadsheets, customer information, financial records, and even scanned IDs. But here’s the problem: these network shares…
Video Privacy Protection Act (VPPA) class action lawsuits have been on the rise, and the owner of the The Onion, a popular satire site, finds itself the subject of a recent one. On May 16, 2025, a plaintiff-initiated litigation against Global Tetrahedron, LLC, the owner of The Onion, alleges that the defendant installed the Meta…
On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a Complaint filed against GoDaddy in January 2025, the FTC alleged that the company had “failed to implement reasonable and appropriate…
