Jane Wester reports: U.S. District Judge Nelson Román of the Southern District of New York on Monday dismissed a proposed class action lawsuit against Ally Financial, finding that the plaintiff failed to establish the injury suffered by a data breach incident. Named plaintiff David De Medicis sued the bank in 2021, arguing that the security... The post Too Speculative’: US Judge Throws Out Data Breach Suit Against Ally Financial appeared first on DataBreaches.net ..read more

Hunton Andrews Kurth writes: On March 19, 2024, Utah’s Governor Spencer J. Cox signed Senate Bill (SB) 98 (the “Bill”), Online Data Security and Privacy Amendments, into law. The Bill amends the Protection of Personal Information Act (§13-44-101 et seq) and the Utah Technology Governance Act in the Utah Government Operations Code (§63A-16-1101 et seq). The Utah Technology Governance... The post Utah Enacts Amendments to State Breach Notification Law appeared first on DataBreaches.net ..read more

The RSS feed should be working again for those who are already subscribed to it or would like to subscribe to it: https://databreaches.net/feed/   The post System Status Note appeared first on DataBreaches.net ..read more

WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Wuhan Xiaoruizhi Science and Technology Company, Limited (Wuhan XRZ), a Wuhan, China-based Ministry of State Security (MSS) front company that has served as cover for multiple malicious cyber operations. OFAC is also designating Zhao Guangzong and Ni Gaobin, two Chinese nationals affiliated with Wuhan XRZ,for... The post Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure appeared first on DataBreaches.net ..read more

On March 8, DataBreaches experienced a massive DDoS attack. At the time, I thought all posts had been restored and it was just a question of reuploading images. After hearing from researchers who cannot find old posts, however, it seems that yes, there are likely many old posts that did not get reuploaded and some... The post System Status Note appeared first on DataBreaches.net ..read more

A new leaksite appeared this past week that appears to have been created for one particular incident. The notice begins: Dear Visitor of Commonwealth Healthcare Corporation LEAK website: We regret to inform you that Commonwealth Healthcare Corporation has experienced a complete data breach from its internal servers. This includes the data of all patients, medical... The post Commonwealth Healthcare Corporation breached, patient data involved appeared first on DataBreaches.net ..read more

Kathryn M. Rattigan of Robinson & Cole LLP writes: Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged that the business failed to protect the personal information of over 640,000 individuals.... The post Convergent Outsourcing Settles Data Breach Class Action for $2.45 Million appeared first on DataBreaches.net ..read more

Marco A. De Felice reports: The American Renal Associates (now known as Innovative Renal Care), with over 230 locations across the United States, has become the latest victim in the clinical-hospital sector of a ransomware attack. Recently, the Medusa group has made thousands of PHI and PII data stolen from the company’s servers on March 2nd publicly available on... The post American Renal Associates patients affected by ransomware attack appeared first on DataBreaches.net ..read more

Alicia Hope reports: Nissan Oceania is notifying 100,000 individuals that the December 2023 data breach exposed their personal information. The New Zealand and Australia-based subsidiary of the Japanese automaker Nissan said it detected “unauthorized access” to its local IT servers on December 5, 2023. It responded by notifying law enforcement authorities, privacy regulators, and national... The post Nissan Oceania Data Breach Impacts 100,000 Individuals in Australia and New Zealand appeared first on DataBreaches.net ..read more

There is an update to a data leak incident discovered and reported by independent researcher Jelle Ursem and DataBreaches.net in April 2021.  Top Class Actions reports that Med-Data, a business associate that handles health insurance claims data, has agreed to pay $7 million to resolve claims that one of its employees publicly posted patient information on... The post Med-Data data leak $7M class action settlement appeared first on DataBreaches.net ..read more