1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
New York Attorney General Letitia James settled with public accounting firm Wojeski & Company over two data breaches in 2023 and 2024 that exposed personal information of over 4,700 New York residents, including social security numbers and medical benefits. The firm failed to implement adequate data security measures, did not encrypt sensitive data, and delayed notifying affected consumers of the breaches for over a year. Wojeski must pay $60,000 in penalties and implement enhanced cybersecurity measures including encryption, incident response plans, and employee training.
$60K
New York Attorney General Letitia James, joined by 27 other state attorneys general and the District of Columbia, filed a lawsuit against 23andMe to block the company’s planned sale of 15 million customers’ genetic and health data without their consent or knowledge. The coalition argues 23andMe must comply with state laws requiring express informed consent for the sale or transfer of sensitive genetic data. The lawsuit seeks to prevent misuse, exposure in future breaches, and unauthorized use of customers’ private genetic information.
All data sourced from official government enforcement pages.