Josh Hansen and Alfred Saikali of Shook, Hardy & Bacon write: The Florida legislature passed a bill that provides immunity to companies that suffer a data breach. The immunity is conditioned on the company: (1) complying with the notice requirements of Florida’s data breach notification law, and (2) maintaining a cybersecurity program that tracks certain…
Category: U.S.
Over 2,300,000 records of Family Entertainment Business Were Exposed in Data breach
Jeremiah Fowler reports: The publicly exposed database contained 2,363,222 documents in.PDF and.PNG formats with a total size of 92.3 GB. These included reservations, injury waivers, and receipts with partial credit card numbers and transaction details. Additionally, there were digital gift cards with no expiration date, source images for websites and templates. I immediately sent a…
Indiana Attorney General Files Suit Against Apria Healthcare
Attorney General Todd Rokita is filing a lawsuit on behalf of the people of Indiana against Apria Healthcare LLC for a massive data breach that impacted at least 42,000 Hoosiers and 1.8 million people nationwide. Apria is a provider of home healthcare equipment and related services across the United States. Apria provides medical equipment to over…
41 State Attorneys General tell Meta to do better in preventing and mitigating account takeovers
A coalition of state attorneys general have sent a letter to Meta asking them to do more to help users whose accounts have been hacked or taken over. The letter to Meta’s Chief Legal Officer begins: Dear Ms. Newstead: We, the undersigned attorneys general (the “State AGs”), write to request immediate action to address the…
South St. Paul Public Schools investigating potential cybersecurity threat
Maraya King reports: South St. Paul Public Schools alerted families this week to an ongoing technology disruption that is being investigated. Staff and families were notified Monday of technical difficulties “that may disrupt certain services” like online platforms, emails and other digital services. On Tuesday the district said it had been made aware of “unauthorized activity within…
Fraudster’s fake data breach claims should remind media to be careful what we report
Over the past few weeks, DataBreaches had occasionally checked a dark web leak site by an individual or group called “Mogilevich.” However, DataBreaches didn’t report on any of their claimed victims because the site and the claims seemed sketchy and there was no confirmation. DataBreaches will not name and shame those sites or outlets that…