Adding to the list of many other municipalities, the city of Pensacola, Florida, was hit with a cyber-attack last weekend that affected services to residents, including emergency telephone assistance. Although Pensacola is recovering, some services are still down, including online bill paying. The city of Pensacola is requesting residents to pay using other methods, including

On March 18, the Office for Civil Rights of the U.S. Department of Health and Human Services issued a Bulletin updating its guidance to HIPAA-covered entities and business associates on the use of tracking technology on websites and mobile apps.

The Bulletin supplements the original guidance published by OCR in December 2022.

According to the

Darktrace researchers have outlined a particularly scary scenario of how threat actors are bypassing MFA and using artificial intelligence to launch sophisticated phishing attacks against users.

The case study “leveraged legitimate Dropbox infrastructure and successfully bypassed multifactor authentication (MFA) protocols…which highlights the growing exploitation of legitimate popular services to trick targets into downloading malware and

The California Privacy Protection Agency’s (CPPA) highly anticipated regulations for automated decision-making technology and risk assessment requirements are likely far from final. The CPPA met at the beginning of the month but did not come to a consensus on what the final regulations should look like.

The CPPA’s vote was expected to be procedural but

Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged that the business failed to protect the personal information of over 640,000 individuals. The breach occurred in June 2022.

Plaintiffs alleged that

Below is an excerpt of a Robinson+Cole legal update co-authored by Government Enforcement and White-Collar Defense Team co-chair  Seth Orkand and member David Carney.

On March 7, 2024, Deputy Attorney General (DAG) Lisa Monaco announced the contours of a new Department of Justice (DOJ) pilot program (Pilot) offering financial incentives to individual whistleblowers who

Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky. Nonetheless, it is a necessary evil and crucial to cybersecurity hygiene and incident prevention.

On March 12, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued three Cybersecurity Alerts for Adobe, Microsoft, and Fortinet security patches.

The

Yesterday, with broad bipartisan support, the U.S. House of Representatives voted overwhelmingly (352-65) to support the Protecting Americans from Foreign Adversary Controlled Applications Act, designed to begin the process of banning TikTok’s use in the United States. This is music to my ears. See a previous blog post on this subject.

The Act would penalize