CPPA Launches Enforcement Sweep on Data Broker Registration Compliance

The California Privacy Protection Agency (CPPA) has initiated an enforcement sweep to ensure data brokers comply with registration requirements. This follows CPPA’s takeover of broker registry duties under the Delete Act, effective January 2024. Non-compliance can result in penalties of $200 per day. The law targets brokers who collect and sell personal data without direct consumer relationships. While the full provisions of the Delete Act come into force in 2026, CPPA is focused on enforcing existing rules. A new deletion mechanism will allow consumers to request data removal from brokers starting in 2026. Read more

Change Healthcare Data Breach Affects 100 million Patients

Change Healthcare, owned by UnitedHealth Group, revealed that a February 2024 cyberattack affected 100 million patients, surpassing the 2015 Anthem breach of 78.8 million. Initially, Change reported only 500 individuals were impacted, but the scope expanded significantly. Congress is now considering lifting HIPAA violation fine caps and introducing stricter penalties for healthcare firms with lax cybersecurity. The breach has raised concerns about the healthcare sector’s vulnerability and its impact on patients' privacy. The Department of Health and Human Services is urging for tougher cybersecurity standards. Read more

Landmark Admin Data Breach Exposes Personal Data of Over 800,000

Landmark Admin, a Texas-based insurance servicer, reported a data breach that may affect nearly 68,000 Texans and over 800,000 people nationwide. Detected on May 13, the breach involved unauthorized access to names, addresses, Social Security numbers, financial details, and medical information. Landmark initially contained the breach, but on June 17, the attacker regained access. Following an investigation, Landmark began notifying affected individuals on October 23 and is offering identity theft protection, including credit monitoring. The Federal Trade Commission advises affected individuals to monitor credit reports and consider a credit freeze. Read more

Chinese Hackers Target Trump and Harris Campaigns' Telecommunications

Chinese hackers allegedly accessed U.S. telecommunications infrastructure, targeting the mobile phones of Trump, his running mate JD Vance, and Vice President Kamala Harris' campaign members. The FBI and CISA are investigating the breach and have notified affected parties. Verizon is also assisting in confirming the breach's impact. The investigation aims to determine whether campaign data was stolen. The Trump campaign blamed the Biden-Harris administration for the breach, while the investigation continues to assess potential nationwide targets. Read more

One Year After AI Executive Order, U.S. Government Marks Key Milestones in AI Governance

The White House commemorated the one-year anniversary of its Executive Order on AI, highlighting the completion of over 100 tasks by federal agencies aimed at improving AI safety, security, and governance. These initiatives focus on protecting workers, consumers, privacy, and civil rights while addressing AI-related risks. Key actions included the establishment of a national AI safety institute and collaboration with global leaders on AI regulations. Despite progress, comprehensive AI regulation has yet to materialize at the federal level, as state laws and international efforts continue to evolve. Read more