personally identifiable information

Subscribe to personally identifiable information via RSS

On January 1, 2026, broad new privacy laws will take effect in Kentucky, Indiana, and Rhode Island, granting consumers in those states greater control over their personal data. With these additions, 19 states now have comprehensive privacy laws in place, which is a significant shift in the data privacy landscape since California led the way in 2018 with the

700Credit, a Michigan-based company that runs credit checks and identification verification services for automobile dealerships nationwide, has announced that an “integrated partner” was compromised, allowing a bad actor to obtain unauthorized access to its network of information about individuals whose credit the company checked. The incident was discovered on October 25, 2025.

Michigan officials confirmed

A recent federal court decision in Adam v. CaringBridge, Inc., No.  25-cv-06042-WHO, 2025 WL 3493565 (N. Cal. Dec. 5, 2025), offers a cautionary tale for plaintiffs in privacy class actions, and a strategic playbook for defendants. Even where a case is properly filed in California (the home turf for many privacy statutes and plaintiffs)

Malwarebytes recently reported that it has found scammers hijacking websites of name brands, including banks, software companies, and social media platforms to trick victims into calling a fraudulent telephone number instead of a 24/7 support line.

According to Malwarebytes:

Here’s how it works: Cybercriminals pay for a sponsored ad on Google pretending to be a

Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents, spreadsheets, customer information, financial records, and even scanned IDs. But here’s the problem: these network shares

On May 21, 2025, the Federal Trade Commission (FTC) finalized its order with GoDaddy over allegations that GoDaddy “failed to implement standard data security tools and practices to protect customers’ websites and data.” In a Complaint filed against GoDaddy in January 2025, the FTC alleged that the company had “failed to implement reasonable and appropriate

Pennsylvania-based Chord Specialty Dental Partners is under fire after a September 2024 data breach compromised the personal information of over 173,000 individuals. At least seven proposed class action lawsuits have been filed in federal courts in Tennessee and Pennsylvania, alleging the company failed to secure and protect patient data properly.

The lawsuits claim Chord Dental

On April 22, 2025, the National Football League (NFL) filed an amicus brief asking the United States Supreme Court to take on a Video Privacy Protection Act (VPPA) class action case against the National Basketball Association (NBA). In my last post, we covered a recent VPPA lawsuit against a movie theater company and reviewed