Ashden Fein, Caleb Skeath, Micaela McMurrough, Emily Pehrsson, and Sierra Stubbs of Covington and Burling write: Oklahoma recently enacted Senate Bill 626, which substantially amends the state’s data breach notification law to broaden the scope of notification obligations and add a new regulator notification requirement along with a new “safe harbor”-style provision that provides liability protections if certain…
Category: U.S.
State Legislation : Rhode Island Enacts New Financial Institutions Cybersecurity Law With Immediate Effect
From a Cooley alert: As the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) scale back rulemaking and enforcement, states are advancing more prescriptive cybersecurity standards for financial institutions, including many that align with the approach and standards set by the New York Department of Financial Services (NYDFS). On July 2, 2025, Rhode…
State Legislation: Augmented data broker, data breach requirements advance in California
From VitalLaw’s weekly roundup of privacy and cybersecurity legislation: Augmented data broker, data breach requirements advance in California. The California state Assembly Appropriations Committee voted on July 9 to pass a bill that would require data brokers in the state to disclose additional information regarding their data-collection practices. S.B. 361, Reg Sess., would, if enacted, require data…
Marysville School District provides update on data breach
Fox28 reports: Current and former students at Marysville Schools have started receiving letters notifying them that their personal information was compromised during a cybersecurity incident last fall that resulted in classes being cancelled for a day. The letter, which the district has also posted on its website, comes from a P.O. Box in West Sacramento. California. Superintendent Zack…
Florida prison data breach exposes visitors’ contact information to inmates
Mitch Perry reports: Dozens and perhaps hundreds of individuals who applied to visit inmates at Everglades Correctional Institution (ECI) in Miami-Dade County last weekend had their personal contact information shared with every inmate at that facility, according to five different individuals who have spoken to the Phoenix over the past four days. The Florida Department…
Minnesota National Guard deployed; St. Paul declares state of emergency in response to cyberattack
Samantha Fischer reports: Minnesota Governor Tim Walz issued an executive order to activate the National Guard Tuesday after the city of St. Paul became the target of a cyberattack. According to the governor’s office, the order took effect immediately. “We are committed to working alongside the City of Saint Paul to restore cybersecurity as quickly as possible,”…