1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
California Attorney General Rob Bonta, joined by Connecticut and New York Attorneys General, secured a $5.1 million multistate settlement with edtech company Illuminate Education, Inc. over a 2021 data breach that exposed sensitive personal and medical information of millions of students, including over 434,000 California students. The investigation found Illuminate failed to implement basic security measures, including failing to terminate former employee credentials, lacking suspicious activity monitoring, and unsecured backup databases, as well as making false statements in its privacy policy. Illuminate must pay $3.25 million to California, implement enhanced security practices, and notify the CA DOJ of future student data breaches.
$5.1M
California Attorney General Xavier Becerra announced a settlement with Glow, Inc., operator of a fertility-tracking mobile app, over privacy and security failures that risked exposing millions of users’ sensitive personal and medical information. The settlement includes a $250,000 civil penalty and injunctive terms requiring Glow to implement privacy and security design principles, obtain affirmative user consent for data sharing, and allow users to revoke consent. Glow was alleged to have failed to safeguard health information, allowed unauthorized access to user data, and maintained flawed password reset functions that could enable third-party access without consent.
$250K
All data sourced from official government enforcement pages.