1,338 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,338
Total Actions
14
Jurisdictions
$50.6B+
Total Fines Tracked
A coalition of 18 state attorneys general, led by Illinois AG Kwame Raoul, filed a lawsuit against the Trump administration to stop a policy that grants Elon Musk and DOGE unauthorized access to the Treasury Department's payment system, which contains sensitive personal information like bank details and Social Security numbers. The lawsuit seeks an injunction and a declaration that the policy is unlawful, arguing it violates federal law and jeopardizes data security.
Connecticut Attorney General William Tong joined a coalition of 12 attorneys general to announce they will file a lawsuit against the U.S. Department of the Treasury and DOGE for unlawfully granting Elon Musk and DOGE staff access to sensitive personal information and payment systems. The AGs argue this unauthorized access threatens privacy rights and essential payments for millions of Americans. The lawsuit seeks to revoke access and prevent further interference.
ARC Community Services, Inc. (Healthcare Provider, WI) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
ZI NEUROSCIENCES (Healthcare Provider, NJ) reported a HIPAA breach affecting 1,000 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Other, Paper/Films.
Methodist Homes of Alabama and Northwest Florida (Healthcare Provider, AL) reported a HIPAA breach affecting 908 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Benefits Management Group, Inc. (Business Associate, IL) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Spring River Mental Health & Wellness (Healthcare Provider, KS) reported a HIPAA breach affecting 3,250 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Aprendamos Intervention Team, P.A. (Healthcare Provider, NM) reported a HIPAA breach affecting 1,916 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Email.
Inlet Health dba Communicare (Healthcare Provider, KY) reported a HIPAA breach affecting 3,771 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Apex Custom Software (Business Associate, TX) reported a HIPAA breach affecting 1,500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Holdrege Memorial Homes, Inc. (Healthcare Provider, NE) reported a HIPAA breach affecting 1,446 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Community Treatment Solutions (Healthcare Provider, NJ) reported a HIPAA breach affecting 950 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Connecticut Attorney General William Tong announced a coordinated multi-state enforcement action against the sale of bootleg, flavored disposable e-cigarettes. Civil investigative demands were served on 12 Connecticut smoke shops, convenience stores, and two wholesalers for selling illegally imported, non-FDA authorized nicotine products designed to appeal to youth. Nine other states announced parallel investigations or litigation targeting distributors and retailers of these products.
The FTC settled charges against GoDaddy for failing to implement adequate data security measures for its web hosting services, which led to multiple breaches and misled customers about its security protections. The proposed order requires GoDaddy to establish a comprehensive information security program and hire an independent assessor for regular reviews.
Texas Attorney General Ken Paxton defended House Bill 1181 at the U.S. Supreme Court, which requires online pornography sites to verify users' ages to protect children from harmful content. The law was challenged by pornography distributors, but Texas won at the Fifth Circuit and is now defending its constitutionality. Texas has also sued Aylo Global Entertainment for non-compliance, leading to Pornhub's shutdown in Texas.
The FTC finalized an order banning Mobilewalla Inc. from selling sensitive location data after alleging the company sold such data without verifying consumer consent. The order prohibits Mobilewalla from collecting data from ad exchanges for non-auction purposes, misrepresenting data practices, and using location data from sensitive locations like health clinics and places of worship.
The FTC finalized an order against IntelliVision Technologies Corp. for making deceptive claims about its facial recognition software's accuracy and lack of bias. The company must now back up any claims with competent testing and is prohibited from misrepresenting the software's performance. No monetary penalty was imposed.
Texas Attorney General Ken Paxton filed a lawsuit against Allstate and its subsidiary Arity for unlawfully collecting, using, and selling driving data from over 45 million consumers without consent. The data, which includes precise geolocation information, was used to justify insurance premium increases. This action alleges violations of the Texas Data Privacy and Security Act (TDPSA).
Samaritan Counseling Center of the Fox Valley (Healthcare Provider, WI) reported a HIPAA breach affecting 956 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Texas Attorney General Ken Paxton filed a lawsuit against TikTok for deceptively promoting its app as safe for children despite the prevalence of inappropriate and explicit content. The action alleges violations of the SCOPE Act, which protects children's online privacy, and follows a previous lawsuit regarding data privacy issues.
BayMark Health Services, Inc. (Business Associate, TX) reported a HIPAA breach affecting 3,170 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The U.S. Department of Justice and ten states filed an amended complaint against six major landlords for using algorithmic pricing and sharing competitively sensitive information to suppress competition and raise rents. Cortland Management LLC agreed to a consent decree requiring it to cease these practices, cooperate with the investigation, and submit to court-monitored oversight. The landlords collectively manage over 1.3 million rental units across the United States.
Eastern Idaho Public Health (Healthcare Provider, ID) reported a HIPAA breach affecting 759 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Electronic Medical Record.
North Los Angeles County Regional Center (Business Associate, CA) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
DentaQuest (Health Plan, WI) reported a HIPAA breach affecting 868 individuals. Breach type: Unauthorized Access/Disclosure. Location of breached information: Paper/Films.
Ingham County Medical Care Facility, d/b/a Dobie Road (Healthcare Provider, MI) reported a HIPAA breach affecting 3,078 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.
Attorney General William Tong announced that starting January 1, 2025, businesses covered by the Connecticut Data Privacy Act must honor global opt-out preference signals, allowing consumers to opt out of targeted advertising and data sales via tools like Global Privacy Control. The advisory explains requirements, notes exemptions for HIPAA-covered entities, and provides resources for compliance.
Omaha Surgical Center (Healthcare Provider, NE) reported a HIPAA breach affecting 1,110 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Dragonfly Health (Business Associate, AZ) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Polaris Endeavors (Healthcare Provider, FL) reported a HIPAA breach affecting 4,552 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
All data sourced from official government enforcement pages.