From a Cooley alert: As the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) scale back rulemaking and enforcement, states are advancing more prescriptive cybersecurity standards for financial institutions, including many that align with the approach and standards set by the New York Department of Financial Services (NYDFS). On July 2, 2025, Rhode…
Dollar Tree denies ransomware claims, says stolen data is from defunct discount chain
One of the headlines yesterday, reported elsewhere, was that INC Ransom had breached Dollar Tree. Today’s headline is that Dollar Tree has denied it is their breach. Jonathan Greig reports: Discount retail giant Dollar Tree denied that its systems were impacted by ransomware after a cybercriminal operation claimed on Wednesday to have attacked the company….
State Legislation: Augmented data broker, data breach requirements advance in California
From VitalLaw’s weekly roundup of privacy and cybersecurity legislation: Augmented data broker, data breach requirements advance in California. The California state Assembly Appropriations Committee voted on July 9 to pass a bill that would require data brokers in the state to disclose additional information regarding their data-collection practices. S.B. 361, Reg Sess., would, if enacted, require data…
Marysville School District provides update on data breach
Fox28 reports: Current and former students at Marysville Schools have started receiving letters notifying them that their personal information was compromised during a cybersecurity incident last fall that resulted in classes being cancelled for a day. The letter, which the district has also posted on its website, comes from a P.O. Box in West Sacramento. California. Superintendent Zack…
Progressive Southeastern Insurance Company
Progressive Southeastern Insurance Company’s notice to consumers concerns an impostor whom they unknowingly hired, it seems: What Happened? In March 2025, we received anonymous information that a Progressive employee was working under someone else’s identity. We promptly began an internal investigation. The investigation determined that the employee had used someone else’s identity to obtain employment…
WA: Cyber-attacks problem for small hospitals
We often hear about the challenges rural hospitals face in preventing and responding to cyberattacks. Here’s an article that provides some numbers for context. Don Gronning reports: Small hospitals have been a target of cyber criminals, hospital district CEO Kim Manus told Pend Oreille Hospital District No. 1 commissioners at their regular meeting Thursday, July…