Robinson Cole LLP
High Contrast Mode

Nationally ranked in Chambers USA in Privacy & Data Security since 2012 and globally since 2019, Linn Freedman is a leader in the field of privacy and cybersecurity law. Her clients have said that Linn “is a great lawyer, focused on understanding the client and the business” and “is very responsive, pragmatic and very good to work with," “travels to the end and back for her clients,” and has "extraordinary integrity and a great mind for creativity, while still adhering to regulatory compliance."

Linn is chair of our firm’s Data Privacy + Cybersecurity practice and of the Artificial Intelligence Team. She focuses on compliance with state and federal data privacy and security laws and regulations, emergency data breach response, mitigation and complex litigation. She counsels clients on state and federal investigations and enforcement actions. She has a particular focus on health information technology and has assisted clients with navigating laws governing the access, use and disclosure of protected health information and substance use disorder information and HIPAA compliance. 

Data Privacy + Cybersecurity Compliance

As a Certified Information Privacy Professional, Linn helps clients comply with all state and federal data privacy and security laws and regulations, and counsels them on  investigations and enforcement actions. 

Linn advises companies and organizations on best practices for the collection, maintenance, and sharing of high-risk data, to help avoid breaches and cyber intrusions. She assists with data mapping and development of privacy and security plans. She helps clients comply with constantly evolving, industry-specific privacy and data protection regulatory requirements in a rapidly changing area of law.

Linn also assists clients with data security regulatory requirements, including implementing Written Information Security Plans (WISPs). She provides guidance regarding privacy and data protection implications associated with the deployment of communication and data storage technologies, mobile applications, location-based services, and risks associated with the use of artificial intelligence. She works with clients to develop software and cloud vendor agreements, website and mobile app privacy policies and terms and conditions of use, social media policies, practices and procedures, assessing risk with tracking and pixel technology, and AI governance programs.

Linn has given presentations around the country on data privacy and cybersecurity, and she writes extensively on these topics, including for the firm’s Health Law Diagnosis and Data Privacy + Cybersecurity Insider blogs. The widely-recognized Insider blog has received multiple Readers Choice Awards distinction from JD Supra and featured in FeedSpot's "100 Best Infosec Blogs and Websites in 2025."

Security Incident + Data Breach Preparedness + Emergency Response

Linn assists clients with data breach preparedness, including assisting with vendor choice and pre-negotiating contracts for forensic, notification, and call center services. She also assists with the development and training of data breach response teams. If there is a security incident or data breach, Linn assists with all related investigation, negotiation, response, notification, remediation, coordination, and litigation. She has extensive experience with responding to security incidents, including ransomware attacks and business email compromise incidents. She is well-versed in helping clients with post-breach investigations by state and federal authorities. She also provides live, hands on security incident tabletop exercises for clients. 

Privacy + Class Action Litigation + Enforcement

If a data breach or privacy issue results in litigation or an enforcement action, Linn works with clients to resolve the matter through the court system or before federal or state regulatory agencies.  She also represents various companies in privacy litigation matters around unauthorized access, use or disclosure of personally identifiable and health information and in retrieving the unauthorized transfer of data from companies by employees. She represents companies responding to website pixel litigation. Linn is a former Assistant Attorney General for the State of Rhode Island and works with the AGs of multiple states around compliance and enforcement actions involving data breaches and data security.

HIPAA Compliance

Linn has extensive experience helping clients with HIPAA compliance. She regularly assists with HIPAA compliance programs and employee awareness training, cybersecurity in relation to websites and online portals, and data use and sharing agreements for health information exchanges.

She has deep experience helping clients defend enforcement actions by the Office for Civil Rights of the Department of Health and Human Services.

Linn is an Adjunct Professor of Law at Roger Williams University School of Law and a former Adjunct Professor in Brown University’s Executive Masters of Cybersecurity Program. Prior to joining our firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm's Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General's Office for the State of Rhode Island.  

  • Loyola University School of Law (Juris Doctor)
  • Newcomb College of Tulane University (Bachelors, with honors)
    • B.A., American Studies

  • Commonwealth of Massachusetts
  • State of Rhode Island
  • U.S. Supreme Court
  • U.S. Court of Appeals, 1st Circuit
  • U.S. Court of Appeals, 5th Circuit
  • U.S. District Court, District of Massachusetts
  • U.S. District Court, District of Rhode Island

Named one of Providence Business News2024 Leaders & Achievers honorees

Ranked as a leader in Chambers USA: America's Leading Lawyers for Business in the area of Privacy & Data Security nationwide since 2012 and global-wide since 2019

Named one of the “Women to Know in Health IT” by Becker’s HOSPITAL REVIEW in 2024, 2023, 2022 and 2020

Lifetime Achievement Award recipient as part of the 2023 Tech10 and Next Tech Generation Awards, presented by Rhode Island Monthly and the Tech10 Advisory Group

Certified Information Privacy Professional/US (CIPP/US) by the International Association of Privacy Professionals (IAPP)

Recognized as National Law Review Go-To Thought Leader

Recognized by Lexology as a "Legal Influencer" 

Selected by her peers for inclusion in The Best Lawyers in America© in the areas of Commercial Litigation and Privacy and Data Security Law since 2020 and in the area of Artificial Intelligence Law for 2026

2016-2026 JD Supra Readers' Choice Top Author and the #1 author in Cybersecurity

Recognized as one of 50 Top Healthcare IT Professionals by Health Data Management, 2015

Roger Williams University School of Law 2015 Champions for Justice award recipient

Rhode Island Department of Health Founder's Award recipient

Rhode Island Attorney General Justice Award recipient

Rhode Island Department of Health Award for Excellence in Public Health Promotion recipient

Profiled by Directors & Boards in their 2014 class of Directors to Watch

Providence Business News Business Women Industry Leader - Professional Services for 2012

Robinson+Cole Community Service Award Recipient, 2021

Rhode Island Bar Association

Rhode Island Judiciary
Committee on Artificial Intelligence and the Courts

HAI Group
Outside Director, Board of Directors

International Association of Privacy Professionals

American Health Lawyers Association

CISO Executive Network

Roger Williams University
Board Member, Finance Committee, Chair, Governance Committee, Executive Committee, Extension School Committee

Roger Williams University School of Law
Past Board Member, Adjunct Professor (Privacy Law)

Rhode Island College - Advisory Council for the Institute for Cybersecurity & Emerging Technology

Rhode Island Center for Justice
Board Member (2015 - present)

Professional Facilities Management
Board Member, Secretary

American Bar Association

Defense Counsel of Rhode Island

Publications


Data Privacy + Cybersecurity Insider teaser
June 12, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
June 5, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 28, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
June 12, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
June 5, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 28, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 21, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 14, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 7, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
April 30, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
April 23, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
April 16, 2026

Data Privacy + Cybersecurity Insider



Data Privacy + Cybersecurity Insider teaser
May 21, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 14, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
May 7, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
April 30, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
April 23, 2026

Data Privacy + Cybersecurity Insider

Data Privacy + Cybersecurity Insider teaser
April 16, 2026

Data Privacy + Cybersecurity Insider


News


June 4, 2026

Robinson+Cole Recognized Across Practices and Regions with 46 Chambers USA 2026 Rankings

In the latest edition of Chambers USA: America’s Leading Lawyers for Business, Robinson+Cole achieved significant recognition, securing rankings across multiple practice areas and regions, including a distinguished Nationwide ranking, underscoring the firm’s breadth of capabilities and national reputation. Chambers & Partners has ranked 33 Robinson+Cole lawyers and 13 of its practices, with two newly-ranked lawyers. Twelve lawyers earned Band 1 designations, with two ascending to Band 1 from the previous year, alongside seven Band 1-ranked practices. In addition to being ranked Nationwide in Privacy & Data Security, Linn F. Freedman was also listed in the Chambers Global 2026 ranking guide in the area of Privacy & Data Security – USA for the fifth consecutive year. The rankings, based on extensive client feedback and independent research, reflect a year of strategic growth and high-profile client work, reinforcing the firm’s reputation as an industry leader in various markets.  Chambers USA 2026 recognized the following Robinson+Cole lawyers (denoting Band 1 ranking with a 1): Linn F. Freedman, Privacy & Data Security, Nationwide Brya M. Keilson, Bankruptcy/Restructuring, Delaware Natalie D. Ramsey, (Star Individual) Bankruptcy/Restructuring, Delaware and Pennsylvania: Philadelphia & Surrounds Rachel Jaffe Mauceri, Bankruptcy/Restructuring, Pennsylvania: Philadelphia & Surrounds Dennis C. Cavanaugh, Gregory R. Faulkner1, Frederick E. Hedberg, and Martin A. Onorato, Construction, Connecticut Matthew J. Guanci, Jr. and Eric M. Kogan, Corporate/M&A, Connecticut Kenneth C. Baldwin1 and Joey Lee Miranda1, Energy & Natural Resources, Connecticut Megan E. Baroni, Robert S. Melvin, Earl W. Phillips, Jr. (Senior Statespeople), James P. Ray, Jonathan H. Schaefer, and Emilee Mooney Scott, Environment, Connecticut Lisa M. Boyle1, Healthcare, Connecticut Wystan M. Ackerman1, Dana M. Horton1, Daniel F. Sullivan1, and Gregory P. Varga1, Insurance, Connecticut John L. Cordani1 and Jaqueline Pennino Scheib1, Intellectual Property, Connecticut Stephen W. Aronson, Britt-Marie K. Cole-Johnson, Natale V. DiNatale, and Virginia E. McGarrity, Labor & Employment, Connecticut Jeffrey J. White, Litigation: General Commercial, Connecticut Garry C. Berman1, Steven L. Elbaum1, and Charles F. Martin III, Real Estate, Connecticut Chambers USA 2026 recognized the following Robinson+Cole practices (denoting Band 1 ranking with a 1): Bankruptcy/Restructuring, Delaware Bankruptcy/Restructuring, Pennsylvania: Philadelphia & Surrounds Construction, Connecticut1 Construction, Massachusetts Corporate/M&A, Connecticut Energy & Natural Resources, Connecticut1 Environment, Connecticut1 Healthcare, Connecticut1 Insurance, Connecticut1 Intellectual Property, Connecticut1 Labor & Employment, Connecticut Litigation: General Commercial, Connecticut Real Estate, Connecticut1 Chambers has published guides to the legal profession for over 20 years, highlighting the top lawyers and law firms across the USA. Chambers’ research teams of over 200 individuals assess lawyers and law firms across the United States, conducting thousands of one-on-one interviews per year with in-house counsel and third-party experts. An explanation of Chambers’ methodology can be found online here.

Chambers & Partners
Robinson+Cole Recognized Across Practices and Regions with 46 Chambers USA 2026 Rankings teaser
April 28, 2026

Linn Freedman Reacts to New CT Rule Proposed as a Result of Generative AI Hallucinations

Law 360
April 23, 2026

Linn Freedman Urges Heightened Awareness for All Critical Infrastructure

The Bond Buyer
June 4, 2026

Robinson+Cole Recognized Across Practices and Regions with 46 Chambers USA 2026 Rankings

In the latest edition of Chambers USA: America’s Leading Lawyers for Business, Robinson+Cole achieved significant recognition, securing rankings across multiple practice areas and regions, including a distinguished Nationwide ranking, underscoring the firm’s breadth of capabilities and national reputation. Chambers & Partners has ranked 33 Robinson+Cole lawyers and 13 of its practices, with two newly-ranked lawyers. Twelve lawyers earned Band 1 designations, with two ascending to Band 1 from the previous year, alongside seven Band 1-ranked practices. In addition to being ranked Nationwide in Privacy & Data Security, Linn F. Freedman was also listed in the Chambers Global 2026 ranking guide in the area of Privacy & Data Security – USA for the fifth consecutive year. The rankings, based on extensive client feedback and independent research, reflect a year of strategic growth and high-profile client work, reinforcing the firm’s reputation as an industry leader in various markets.  Chambers USA 2026 recognized the following Robinson+Cole lawyers (denoting Band 1 ranking with a 1): Linn F. Freedman, Privacy & Data Security, Nationwide Brya M. Keilson, Bankruptcy/Restructuring, Delaware Natalie D. Ramsey, (Star Individual) Bankruptcy/Restructuring, Delaware and Pennsylvania: Philadelphia & Surrounds Rachel Jaffe Mauceri, Bankruptcy/Restructuring, Pennsylvania: Philadelphia & Surrounds Dennis C. Cavanaugh, Gregory R. Faulkner1, Frederick E. Hedberg, and Martin A. Onorato, Construction, Connecticut Matthew J. Guanci, Jr. and Eric M. Kogan, Corporate/M&A, Connecticut Kenneth C. Baldwin1 and Joey Lee Miranda1, Energy & Natural Resources, Connecticut Megan E. Baroni, Robert S. Melvin, Earl W. Phillips, Jr. (Senior Statespeople), James P. Ray, Jonathan H. Schaefer, and Emilee Mooney Scott, Environment, Connecticut Lisa M. Boyle1, Healthcare, Connecticut Wystan M. Ackerman1, Dana M. Horton1, Daniel F. Sullivan1, and Gregory P. Varga1, Insurance, Connecticut John L. Cordani1 and Jaqueline Pennino Scheib1, Intellectual Property, Connecticut Stephen W. Aronson, Britt-Marie K. Cole-Johnson, Natale V. DiNatale, and Virginia E. McGarrity, Labor & Employment, Connecticut Jeffrey J. White, Litigation: General Commercial, Connecticut Garry C. Berman1, Steven L. Elbaum1, and Charles F. Martin III, Real Estate, Connecticut Chambers USA 2026 recognized the following Robinson+Cole practices (denoting Band 1 ranking with a 1): Bankruptcy/Restructuring, Delaware Bankruptcy/Restructuring, Pennsylvania: Philadelphia & Surrounds Construction, Connecticut1 Construction, Massachusetts Corporate/M&A, Connecticut Energy & Natural Resources, Connecticut1 Environment, Connecticut1 Healthcare, Connecticut1 Insurance, Connecticut1 Intellectual Property, Connecticut1 Labor & Employment, Connecticut Litigation: General Commercial, Connecticut Real Estate, Connecticut1 Chambers has published guides to the legal profession for over 20 years, highlighting the top lawyers and law firms across the USA. Chambers’ research teams of over 200 individuals assess lawyers and law firms across the United States, conducting thousands of one-on-one interviews per year with in-house counsel and third-party experts. An explanation of Chambers’ methodology can be found online here.

Chambers & Partners
Robinson+Cole Recognized Across Practices and Regions with 46 Chambers USA 2026 Rankings teaser
April 28, 2026

Linn Freedman Reacts to New CT Rule Proposed as a Result of Generative AI Hallucinations

Law 360
April 23, 2026

Linn Freedman Urges Heightened Awareness for All Critical Infrastructure

The Bond Buyer
March 18, 2026

Linn Freedman Sounds the Alarm About the Growth of Deepfake Content

Corporate Counsel
February 25, 2026

Data Privacy + Cybersecurity Team Receives 2026 Readers' Choice Awards

JD Supra
Data Privacy + Cybersecurity Team Receives 2026 Readers' Choice Awards teaser
February 19, 2026

Linn Freedman Receives Global Ranking in Chambers Global Guide 2026

Chambers & Partners
February 5, 2026

Linn Freedman Quoted in Cybersecurity Law Report on FTC Settlement

Cybersecurity Law Report
December 18, 2025

Business Transactions in Health Care Team Wins “Pharma & Devices Deal of the Year” at Global M&A Network’s 7th Annual USA Middle Markets M&A Atlas Awards Gala

Global M&A Network
Business Transactions in Health Care Team Wins “Pharma & Devices Deal of the Year” at Global M&A Network’s 7th Annual USA Middle Markets M&A Atlas Awards Gala teaser
November 26, 2025

Linn Freedman Discusses AI in Education

Law 401 Podcast

March 18, 2026

Linn Freedman Sounds the Alarm About the Growth of Deepfake Content

Corporate Counsel
February 25, 2026

Data Privacy + Cybersecurity Team Receives 2026 Readers' Choice Awards

JD Supra
Data Privacy + Cybersecurity Team Receives 2026 Readers' Choice Awards teaser
February 19, 2026

Linn Freedman Receives Global Ranking in Chambers Global Guide 2026

Chambers & Partners
February 5, 2026

Linn Freedman Quoted in Cybersecurity Law Report on FTC Settlement

Cybersecurity Law Report
December 18, 2025

Business Transactions in Health Care Team Wins “Pharma & Devices Deal of the Year” at Global M&A Network’s 7th Annual USA Middle Markets M&A Atlas Awards Gala

Global M&A Network
Business Transactions in Health Care Team Wins “Pharma & Devices Deal of the Year” at Global M&A Network’s 7th Annual USA Middle Markets M&A Atlas Awards Gala teaser
November 26, 2025

Linn Freedman Discusses AI in Education

Law 401 Podcast

Events


Past

Use of AI by Lawyers & Judges: Praise & Peril

Jun 11 2026
Rhode Island Bar Association 2026 Annual Meeting
Past

AI at Work: Real-World Lessons Learned

May 19 2026
Boston Bar Association Legal Hour
Past

Use of AI by Lawyers & Judges: Praise & Peril

Jun 11 2026
Rhode Island Bar Association 2026 Annual Meeting
Past

AI at Work: Real-World Lessons Learned

May 19 2026
Boston Bar Association Legal Hour
Past

The Regulatory Roadmap for AI in Employment

Mar 27 2026
38th Annual Labor & Employment Law Conference
Past

State AI Laws and the Federal EO: Effective Dates, Scope, Enforcement, Compliance Planning

Jan 27 2026
Barbri Webinar
Past

A CISOs Guide to the Legalities of AI

Jan 14 2026
Top of MIND Webinar
Past

Deepfakes: A Demonstration of How They are Made and Used by Threat Actors

Nov 19 2025
Boston Bar Association 2025 Privacy, Cybersecurity & Digital Law Conference
Past

The Regulatory Roadmap for AI in Employment

Mar 27 2026
38th Annual Labor & Employment Law Conference
Past

State AI Laws and the Federal EO: Effective Dates, Scope, Enforcement, Compliance Planning

Jan 27 2026
Barbri Webinar
Past

A CISOs Guide to the Legalities of AI

Jan 14 2026
Top of MIND Webinar
Past

Deepfakes: A Demonstration of How They are Made and Used by Threat Actors

Nov 19 2025
Boston Bar Association 2025 Privacy, Cybersecurity & Digital Law Conference

Data Privacy + Cybersecurity Insider


Below is an excerpt of Data Privacy + Cybersecurity Insider blog posts authored by Linn.

Darktrace Report Highlights Cyber Threats Against Global Sporting Sector

In a recently released report titled Cybersecurity in Global Sport: Threats, Signals, and Strategic Implications for a Digitized Industry, cybersecurity firm Darktrace has outlined “the current challenges the global sporting sector faces and...forward-looking views on future challenges as AI increasingly becomes adopted across the sector.” The Report’s conclusions were the result of a survey to 875 IT cybersecurity professionals across sports organizations located in the U.S., U.K., Australia, and Germany. Because the global sports industry “has undergone a rapid and continuous digital transformation” (including digital ticketing platforms, broadcasting, mobile applications, and third-party vendor support), and sports organizations are adopting generative AI and agentic AI tools, emerging cybersecurity threats are targeting these organizations. The Report’s key takeaways include: 84% of professional sports organizations surveyed have experienced at least one cyber incident in the past 12 months, with more than half (57%) hit multiple times. This underscores that cyber risk is already an operational issue for the sector. 34% of respondents cited stadium operations as the most critical function to protect during a live event, reinforcing that cyber resilience in sport is defined by high-visibility moments where downtime is least acceptable. Sports sector customers received 19% more phishing emails than non-sports sector customers, reinforcing that email and identity remain dominant attack vectors for sports organizations. 21% of phishing emails targeting sports sector customers were sent to VIPs, while 37% contained novel social engineering techniques, highlighting how attackers are focusing on high value identities and adapting tactics to exploit urgency, trust, and operational complexity in the sports sector. 47% of respondents cited AI prompt risks and attacks and AI development risks and deployment as top concerns for AI use within their organizations. 72% of IT cybersecurity professionals from sports organizations surveyed believe AI will increase cyber risk over the next 12 months as adoption grows in high stakes areas including stadium operations, ticketing and fan engagement, and business operations. Sports organizations have been victimized by various threats including: “client-side payment skimming, ransomware outbreaks, and compromise of ecommerce infrastructure through third-party scripts. Fan platforms and mobile applications have been accessed via exposed keys and weak API security, placing large user populations at risk.” Darktrace suggests that organizations treat cyber risk “as an operational and governance challenge” to be resilient against attacks. This includes: 1.         Threat modeling for emerging technologies, including AI misuse; 2.         Rigorous supply chain governance and vendor access control; 3.         Strong segmentation across IT, OT, and fan-facing systems; 4.         Identity-centric security with anomaly detection and universal multi-factor authentication (MFA); 5.         Phishing resilience across all channels, including QR-based vectors; and 6.         Operational playbooks aligned to live event constraints. The Report is a must read for those in the sports sector

Visit Blog

ShinyHunters Targeting Higher Education Sector

Researchers from Mandiant and Google Threat Intelligence Group are warning the higher education sector, including universities, that ShinyHunters has exploited an Oracle PeopleSoft zero-day vulnerability and has “potentially infiltrated the networks of more than 100 organizations in an attack spree that largely impacted higher education.” ShinyHunters has reportedly started publishing the names of the compromised victims and stolen data. The vulnerability (CVE-2026-35273) “allows unauthorized attackers to execute remote code and takeover affected servers.” Oracle has published mitigation steps, but a patch has not yet been released. According to Mandiant, “This campaign is still active.” Google adds that “most of the potential victim pool is based in the United States and 68% are in the higher education sector.” If you are in the higher education sector, implement Oracle’s mitigation steps  as soon as possible, and look out for a released patch.

Visit Blog

Deepfake Site Taken Down by DOJ + DHS

On June 12, 2026, the U.S. Departments of Justice and Homeland Security announced that deepfake domains CFAKE.com and SOCFAKE.com were seized and taken down using the TAKE IT DOWN Act. The seized domains “were being used to publish thousands of digitally forged images and videos depicting famous women as nude and sometimes engaged in sexual activity, without their consent.” The deepfakes included royalty, journalists, television personalities, athletes, entertainers, and others. According to the press release, “The website allowed people to browse by tags that included topics like ‘rape,’ ‘forced,’ and ‘degradation.’” U.S. authorities were alerted to the website by Italy’s Polizia di Stato Postal and Cybersecurity Policy. After a U.S. investigation, evidence was shared with French authorities, who also investigated and made an arrest in Nice on June 10, 2026. This is a great example of how important international law enforcement cooperation is in prosecuting individuals outside of the U.S. and taking down harmful and illegal domains. This is a big win for law enforcement in the U.S., Italy, and France in combatting deepfakes.

Visit Blog

Privacy Tip #496 – Imposter Scams Hit Senior Population Hard: How to Avoid Becoming a Victim

June 15, 2026, was designated World Elder Abuse Awareness Day. One of the ways seniors are victimized is through financial scams. According to the Federal Trade Commission (FTC), “in 2025, [elderly] people reported losing about $16 billion to scams, compared to $12.8 billion the previous year. And because not everyone who experiences a scam reports it, this likely represents only a fraction of the actual amount lost.” Imposter scams are one of the most common ways seniors become financial fraud victims. An imposter pretends to be someone else, such as a government, bank, or law enforcement, friend or family member and contacts the victim through phone, text, email, or other messaging to obtain information to further financial fraud. Threat actors commonly pose as an Internal Revenue Service agents and call the victim to let them know they are behind on their taxes and if they don’t pay up immediately, something dreadful will happen. They use scare tactics to quickly obtain credit card information, cash, or personal information from the victim. Awareness of imposter scams can prevent you from becoming a victim. Here are some tips to help you avoid them.

Visit Blog

CISA + Partner Warn That Automatic Tank Gauge Systems Are Being Targeted

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), the Department of Energy (DOE), the Environmental Protection Agency (EPA), the Transportation Security Administration (TSA), the Department of Transportation (DOT), and the U.S. Department of Agriculture (USDA) recently issued an alert warning of malicious cyber activity targeting U.S.-based automatic tank gauge (ATG) systems. ATG systems are widelyused throughout the Energy, Chemical, Food and Agriculture, and Transportation Systems Sectors forautomated and remote monitoring of storage tank parameters, including fuel and liquid levels,temperature, and possible leak detection. The authoring organizations urge ATG owners and operators todefend against this malicious activity by securing their ATG systems with strong passwords and byremoving them from the internet to reduce public exposure. According to the alert, the recent malicious cyber activity “involves cyber threat actors compromising internet-exposed ATG systems and subsequently modifying them through command execution.” This means that cyber actors could “disrupt or manipulate the below critical functions by interfacing directly with the tank management as though they possessed legitimate physical access to the system console.” This would enable the threat actors to: Alter system(s) attributes, such as network settings, product identifiers, tank volumes, and pump controls; Compound operational malfunctions; components operating incorrectly could create a denial of view condition of tank fill levels, which could cause permanent damage to the tank system’s critical function; Disable system alerts, reducing an operator’s ability to detect and mitigate system issues increases the risk of environmental or physical hazards from incidents such as leaks or relay failures. The alert provides mitigation steps which should be implemented immediately.

Visit Blog

Anthropic Suggests Global “Pause” on AI Development

AI giant Anthropic has suggested that the world temporarily “pause” on AI development because of AI tools’ ability for “‘recursive self-improvement’– that is, being able to make better and more powerful versions of itself. Recursive self-improvement is a bugbear of AI safety researchers, viewed as the key step for AI to become superintelligent and therefore unleash widespread consequences on humanity.” Anthropic’s post cautioned of a “trend” of increasing capability in its product Claude which, “taken far enough and given enough compute ... points to an AI system capable of fully autonomously designing and developing its own successor.” As a result, there is a risk of “humans losing control over AI systems.” Anthropic is proposing that “policymakers, researchers, civil society and other AI companies” collaborate and meet to “help answer some of the questions this piece raises.. This warning follows on the heels of Anthropic’s previous warning about the capabilities of Mythos, causing it to pull its public release. When an AI company warns the world that it needs to pay attention to the risk of technology, it is probably worth consideration.

Visit Blog

Privacy Tip #495 – What We Can Learn from The Worst Breaches of 2026

I apologize that this post is not light reading. It’s critically important to know what the threats are so you can avoid becoming a victim. Although disconcerting, it is crucial to know what has happened in the first half of this year. TechCrunch recently issued a report outlining the worst breaches of 2026—so far: DOGE’s massive swipe of Social Security data (I’ve discussed this  in numerous posts) Hackers increased targeting of water systems and energy grids (discussed here) Iranian government hackers attacking Stryker with a destructive device hack (ditto) ShinyHunters’ disruptive hacking campaign against Instructure, among other targets (ShinyHunters has been a frequent subject of our posts) The supply chain under attack, targeting open-source projects and big tech companies FBI’s surveillance system breach, sparking a “major cyber incident“ Hasbro’s hack leading to weeks of downtime Exposure of millions of passports and driver licenses What can we learn from these trends? According to TechCrunch, “the attacks are getting bolder, more destructive, and harder to contain.” The trends confirm that as technology advances, so must defenses equally. Cybersecurity measures must be sophisticated enough to block attackers so they will move on to the next victim. A mature cybersecurity posture, both personally and professionally, must be a priority to prevent becoming victimized. In a world of geopolitical discontent, cyber attackers serve as warriors for nation states, and at the same time, our own government is failing to protect our data and our warriors’ data. Unfortunately, the Cybersecurity and Infrastructure Security Agency’s funding has been decimated, so we are left to our own devices (pardon the pun). We need to take greater responsibility for protecting our own information while demanding stronger safeguards from our government, especially for the sensitive data of current and veteran military personnel. Additionally, private companies must also do more to prevent exposure. Robust cybersecurity programs across individuals, government, and the private sector are essential. This is no longer a future concern; it is reality. Without collective action, the second half of 2026 will bring more of the same.

Visit Blog

Stolen Hotel Reservation Data Used in Targeted Phishing Scams

A new report by Wired states that customer data from “more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams.” According to the report, travelers’ information and booking data may have been stolen from the hotels and are being used by threat actors to launch social engineered phishing schemes. These scams are effective because they exploit trusted brands and impersonate legitimate guest relations professionals. Victims are contacted about travel they have booked—or plan to book—through messages that appear to come from a hotel, reservation platform or guest services team. These messages often include accurate booking details to build credibility and redirect the victim to a fake guest portal or payment verification page. The victim is told there is an issue with payment and that the booking will be cancelled in the next 24-48 hours if it is not resolved. Once redirected to the fake guest portal or payment verification page, the victim is prompted to enter their credit card information which is transmitted directly to the threat actor. In many cases, victims do not realize they have been targeted until weeks or months later. Here is a great summary of how the scam works if you want more information. Tips to prevent becoming a victim include: Do not respond directly to unsolicited emails, phone calls, texts, or instant messages. If you’ve received a request for additional payment or payment information, reach out to the company you booked through directly via information on their website or in your booking confirmation. Watch out for pressure tactics. Legitimate businesses do not call or send text messages pressuring you to act immediately. They also will not demand payment with a different payment method from the one you used to book your reservation. Secure your accounts after a breach. If you receive a notice that you were impacted by a data breach, take the time to change your passwords and check for suspicious activity, like unauthorized payments or logins. Setting up two-factor authentication can also help to better protect your accounts.

Visit Blog