Companies will need to navigate stricter security requirements in response to the Trump administration’s AI Action Plan, attorneys at Davis Wright Tremaine said Monday (see 2507230058).

Brigham Young University (BYU) suffered a data breach in late April that may have exposed the personal data of students and faculty, but waited three months before informing them, a law firm investigating the incident on behalf of potential victims said Friday. Schubert Jonckheer said the school started informing its community "on or around July 23, 2025, which may have violated state and federal laws." Maine and Vermont attorneys general also reported the breach on July 23.

A women-only app intended to enhance safety for online dating users suffered a breach this month that leaked 72,000 images, including 13,000 selfies with identifying information, a law firm investigating the breach said Friday. Edelson Lechtzin is investigating the breach of the Tea app for a potential class-action on behalf of victims.

Philadelphia Indemnity Insurance suffered a cyberattack in June that potentially left customer data exposed, the company said in a notification letter the California AG office reported Tuesday. Texas and New Hampshire also reported the incident.

A Massachusetts-based health care provider discovered a data breach late in November 2022 and "promptly" reported it to federal authorities and state regulators, it said; however, it only began alerting affected customers this month, a law firm investigating the incident on behalf of potential victims said Tuesday.

House of Dior suffered a data breach in January that may have exposed the personal information of customers, a law firm investigating the incident on behalf of potential victims said Tuesday. Schubert Jonckheer noted Dior "did not begin notifying affected individuals until on or around July 18, 2025, which may have violated state and federal laws." The French luxury fashion firm didn't identify the breach until May 7, Schubert Jonckheer noted.

U.S. Department of Agriculture (USDA) attempts to collect personal data of millions of Supplemental Nutrition Assistance Program (SNAP) recipients from the states are unnecessary, inefficient, and unlawful, said a Friday comment letter from a coalition of states, led by the California attorney general. The USDA, which suspended its data demand after a lawsuit from the Electronic Privacy Information Center (EPIC) and others, published a System of Records Notice (SORN) on June 23 in an attempt to resolve legal issues and resume the data collection (see 2507180027).

A Texas-based firm that conducts drug and alcohol testing suffered a data breach last year that exposed the personal information of almost 750,000 individuals, a law firm said Monday. Multiple states also recently reported the breach of Alcohol and Drug Testing Service (TADTS). The company may have violated state and federal laws by disclosing the breach well after it occurred.

The Computer and Communications Industry Association (CCIA) raised privacy concerns with proposed rules in Missouri that would alter how content is moderated online. In comments to the Missouri attorney general on Wednesday, the association argued the rules pose security risks to users and their data, force third parties to handle content moderation and violate the First Amendment.

Missouri's Iron County Medical Center, California's Regional Center of the East Bay and Texas' Winkler County Hospital District recently notified affected individuals of data breaches that may have impacted customers' personal information.