1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Connecticut Attorney General William Tong submitted testimony in support of genetic privacy legislation that would grant residents exclusive control over their DNA and genetic data. The legislation is inspired by his office's investigation into 23andMe's data breach affecting over six million customers and the company's subsequent bankruptcy. The bill requires express consent for DNA use, imposes security measures, and prohibits marketing use of DNA.
Comstar, LLC, an ambulance billing vendor, suffered a data breach in March 2022 that exposed sensitive patient information, including Social Security numbers and medical records, of over 349,000 residents in Connecticut and Massachusetts. The settlement requires Comstar to pay $515,000 and implement enhanced security measures such as phishing protection and annual security assessments.
$515K
Connecticut filed a statement of interest in the bankruptcy of Prospect Medical Holdings, alleging years of mismanagement that harmed patients and led to a ransomware attack compromising the data of 212,369 residents. The state seeks to ensure a responsible transition of hospitals and hold Prospect accountable for its misconduct.
Connecticut Attorney General William Tong urged residents to enroll in free credit monitoring and identity theft protection following the Change Healthcare cyberattack in February 2024, which exposed sensitive health data. The breach potentially impacted up to one-third of Americans, but Change Healthcare has failed to provide individual notice to affected consumers. The AG joined other attorneys general in April 2024 to demand that UnitedHealth Group take more meaningful action to protect those harmed.
All data sourced from official government enforcement pages.