1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Twin Cities Pain Clinic (Healthcare Provider, MN) reported a HIPAA breach affecting 3,572 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Texas Attorney General Ken Paxton filed a lawsuit against PowerSchool, a provider of cloud-based services for K-12 schools, following a data breach that exposed the personal and health information of over 880,000 Texas school-aged children and teachers. The breach occurred in December 2024 when a hacker gained administrative access through a subcontractor's account and stole unencrypted data including Social Security numbers, medical details, and disability records. The lawsuit alleges PowerSchool violated Texas law by failing to implement basic security measures and by misleading customers about its security practices.
North Oaks Health System (Healthcare Provider, LA) reported a HIPAA breach affecting 6,243 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
La Perouse, LLC (Business Associate, NV) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Carrollton Ear, Nose and Throat, PC (Healthcare Provider, GA) reported a HIPAA breach affecting 3,569 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Anthony L. Jordan Health Corporation (Healthcare Provider, NY) reported a HIPAA breach affecting 2,974 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Florida Attorney General James Uthmeier issued a subpoena to Lorex as part of an ongoing consumer protection and data privacy investigation. The probe examines Lorex’s ties to Dahua Technology and potential foreign spying risks, including unauthorized access to children’s data, and whether the company misled consumers about the privacy and security of its camera products and apps. The subpoena seeks documents related to corporate structure, third-party contracts, software update origins, data center locations, security vulnerabilities, and marketing claims about privacy and security.
Reimagine Network (Healthcare Provider, CA) reported a HIPAA breach affecting 4,799 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Prime Therapeutics LLC (Business Associate, MN) reported a HIPAA breach affecting 2,266 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Laptop.
College Parkside Pharmacy (Healthcare Provider, NY) reported a HIPAA breach affecting 5,736 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Assisted Living Pharmacy Service, LLC (Healthcare Provider, WI) reported a HIPAA breach affecting 5,590 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
College Hometown Pharmacy (Healthcare Provider, NY) reported a HIPAA breach affecting 9,742 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Department of Social Services for Vance County, North Carolina (Business Associate, NC) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Independent Health Association, Inc. (Health Plan, NY) reported a HIPAA breach affecting 637 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other.
zizzl llc (Business Associate, WI) reported a HIPAA breach affecting 2,416 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
FTC Chairman Andrew Ferguson sent warning letters to major technology companies, urging them not to weaken data security or censor American consumers' speech in response to foreign government demands. He reminded them that such actions could violate the FTC Act's prohibition on unfair and deceptive practices, particularly if companies break promises about encryption and security. The letters cite foreign laws like the EU's Digital Services Act and UK's Investigatory Powers Act as pressures that might lead to non-compliance.
McEwen & Associates (Business Associate, TX) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
FTC Chairman Andrew Ferguson sent warning letters to over a dozen major technology companies, reminding them of their obligations under the FTC Act to protect American consumers' data security and privacy, even when facing pressure from foreign governments to weaken encryption or censor content. The letters warn that weakening security measures or censoring speech in response to foreign demands could constitute deceptive practices under the FTC Act.
Arkansas Primary Care Clinic (Healthcare Provider, AR) reported a HIPAA breach affecting 2,491 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Revere Health PC (Healthcare Provider, UT) reported a HIPAA breach affecting 605 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer.
CareTracker, Inc. (Business Associate, NY) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton opened an investigation into Meta and Character.AI via Civil Investigative Demands, alleging deceptive trade practices including misrepresenting AI chatbots as confidential mental health tools while harvesting user data for targeted advertising. The probe assesses potential violations of Texas consumer protection laws and the SCOPE Act, particularly regarding privacy misrepresentations, concealment of data usage, and harms to children. This builds on prior investigations into Character.AI for SCOPE Act compliance.
Attorney General William Tong is seeking a preliminary injunction to block the U.S. Department of Agriculture from forcing states to share private data of SNAP participants, including social security numbers and shopping history. USDA is threatening to cut off administrative funding if states do not comply, which AG Tong argues violates federal privacy laws and the Constitution.
Bevel Health Medical Group (Healthcare Provider, PA) reported a HIPAA breach affecting 510 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
Texas Attorney General Ken Paxton has opened an investigation into Meta AI Studio and Character.AI for deceptive practices in marketing AI chatbots as mental health services to children. The platforms are accused of impersonating licensed professionals, fabricating qualifications, and exploiting user data for advertising without proper disclosure. Civil Investigative Demands have been issued to examine violations of Texas consumer protection laws and the SCOPE Act.
Lake City Cancer Care, LLC (Healthcare Provider, FL) reported a HIPAA breach affecting 9,980 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Welcome Dentistry-Anaheim (Healthcare Provider, CA) reported a HIPAA breach affecting 1,001 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Mower County Health and Human Services (Healthcare Provider, MN) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Welcome Dentistry-Los Angeles (Healthcare Provider, CA) reported a HIPAA breach affecting 1,001 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
UnitedHealthcare (Health Plan, CT) reported a HIPAA breach affecting 3,215 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
All data sourced from official government enforcement pages.