The Federal Trade Commission has finalized an order with GoDaddy settling allegations that the webhosting provider misled consumers by failing to implement data security protections, which led to several data breaches. The FTC alleged in January 2025 that despite claiming it provides “award-winning security,” GoDaddy failed to implement standard data security tools and practices to protect customers’…
Category: Breach Laws
HHS Office for Civil Rights Settles HIPAA Cybersecurity Investigation with Vision Upright MRI
On March 10, 2025, Vision Upright MRI notified HHS of a breach affecting 23,031 patients, but there was nothing posted on their website to explain the breach. A press release issued by HHS today provides some explanation for the incident that involved the medical images of 21,778 patients. From their release: OCR initiated a compliance…
Treasury agrees to block additional DOGE staff from accessing sensitive payment systems
Suzanne Smalley reports: The Treasury Department has agreed to temporarily block all but two members of the Trump administration’s Department of Government Efficiency (DOGE) team from accessing sensitive payment records and to limit their access to “read-only,” according to a Wednesday court filing. The DOGE workers allowed to continue accessing Treasury’s payment systems are Tom…
Nine months after discovering a ransomware attack, Teton Orthopaedics notifies patients
On March 25, DataBreaches entered Teton Orthopaedics’ name on a monthly worksheet this site uses for tracking breaches in the healthcare sector. The entry wasn’t based on any report by Teton Orthopaedics or media, and DataBreaches had been unable to find any notice by the provider. The entry was based on a claim by the…
PowerSchool Incident: A few resources for teachers, parents, and former students (2)
DataBreaches is trying to keep up with updates from PowerSchool, but from the outset, DataBreaches has recommended districts, parents, and teachers assume the worst — i.e., assume that all of the data really weren’t deleted permanently. On the premise of better safe than sorry, and reminding people that PowerSchool’s attorney is not YOUR attorney, here…
India’s Digital Data Protection Framework: Safety, Trust and Resilience
Samaya Dharmaraj reports: In an era where digital transformation shapes every aspect of governance, business, and daily life, safeguarding citizens’ personal data has become a top priority for India. Recognising the critical need for a secure andaccountable digital ecosystem, the government has taken significant steps to establish a robust framework for data protection and cyber resilience. At…