Of Note – Page 15 – DataBreaches.Net

Robinhood to Pay $45 Million SEC Settlement Over Data Breach, Other Violations

Posted on January 14, 2025January 14, 2025 by Dissent

Alexander Osipovich reports: Two brokerage units of Robinhood Markets agreed to pay $45 million to settle an investigation by the Securities and Exchange Commission into a range of alleged violations, including one stemming from a 2021 data breach that exposed millions of customer names and emails. … In the November 2021 breach, email addresses for about…

Equifax Class Action Settlement 2024 Payment Started, Claimants Getting Paid Via Checks (1)

Posted on January 14, 2025January 16, 2025 by Dissent

UPDATE of January 16, 2025: I am stunned by the response to this post and the number of people asking me how they can file a claim or get help. This breach was in 2017. If you never filed a claim when the settlement was open for claims, it’s too late to file now. Read…

PowerSchool Sued Over December Breach of Student, Teacher Data

Posted on January 10, 2025 by Dissent

Christopher Brown reports: PowerSchool Holdings Inc. is facing three federal lawsuits alleging the education software provider negligently failed to protect the personal information of students, parents, and teachers that was exposed in a December data breach. Sheilah Buack-Shelton, Tyler Baker, and Kimberly Kinney alleged in separate complaints that PowerSchool breached its duties under common law,…

PowerSchool Incident: A few resources for teachers, parents, and former students (2)

Posted on January 10, 2025January 14, 2025 by Dissent

DataBreaches is trying to keep up with updates from PowerSchool, but from the outset, DataBreaches has recommended districts, parents, and teachers assume the worst — i.e., assume that all of the data really weren’t deleted permanently. On the premise of better safe than sorry, and reminding people that PowerSchool’s attorney is not YOUR attorney, here…

Hackers Claim To Have Compromised Data Broker Used By U.S. Government To Dodge Warrants

Posted on January 9, 2025 by Dissent

Over on TechDirt, Karl Bode writes: Gravy Analytics, the parent company of Venntel, is like many dodgy data brokers. The company gleans vast troves of sensitive U.S. behavior and location cellphone data, then generally sells access to that data to a long line of folks. Including the U.S. government, which has increasingly turned to buying…

HHS Office for Civil Rights Settles HIPAA Security Rule Investigation with USR Holdings, LLC Concerning the Deletion of Electronic Protected Health Information

Posted on January 8, 2025 by Dissent

Note: In 2019, when USR Holdings disclosed this breach to affected patients, they did not mention that ePHI had been deleted. So in 2025, we are first learning of this part of the breach? The following is HHS OCR’s press release today. Settlement resolves multiple Security Rule failures Today, the U.S. Department of Health and…