On February 11, 2026, California Attorney General Rob Bonta announced a $2.75 million settlement with The Walt Disney Company (“Disney”), the largest civil penalty to date under the California Consumer Privacy Act as amended by the California Privacy Rights Act
The DOJ’s civil cyber-fraud initiative lives on: Insights from cybersecurity enforcement through the False Claims Act
The False Claims Act (“FCA”), the U.S. federal government’s principal civil anti-fraud statute, imposes liability on entities that knowingly submit, or cause the submission of, false or misleading claims for payment to the United States. The FCA has long served
SEC statement clarifies material cybersecurity incident disclosure requirement
SEC final rule on reporting material cybersecurity incidents
In July 2023, the US Securities and Exchange Commission (SEC) finalized its rule requiring public companies to disclose material cybersecurity incidents under Item 1.05 of Form 8-K. Though materiality is not a