Facing the potential of a ruinous $20B decision against them in the House v. NCAA antitrust lawsuit, the NCAA and the major conferences are coming to a settlement that will see college athletes recieve revenue sharing, as well as former athletes being eligible to recieve damages for payments wrongly withheld.

This is a culmination of over a decade of litigation over the antitrust violations in college athletics, starting with O'Bannon establishing that players' NIL rights had value, followed by the Alston ruling definitively laying out that the NCAA did not have an antitrust exemption, opening the door for the House class action lawsuit - and the way the NCAA's arguments went over like lead balloons at those hearings has pushed them to the settlement table. Further emphasizing the losses in courts of law are the two injunctions the NCAA has had placed on their policies: first, they were enjoined over limiting transfers through the transfer portal, then an attempt to sanction Tennessee over NIL payments resulted in the Tennessee and Virginia AGs suing, resulting in an injunction on the NCAA's NIL rules. In addition, Dartmouth men's basketball players won a major win for labor with the regional NLRB ruling that they are in fact employees, leading them to pursue unionization, which the school is fighting. In addition (and likely to the death of OJ Simpson bringing new scrutiny to the decision) the Heisman Trust has reinstated Reggie Bush as the 2005 Heisman winner, further weakening the NCAA's position. It is in that context that the NCAA is coming to the negotiating table - having lost over and over, they are staring down a loss that would end the organization. And there's still a chance the cart gets upset - while the lion's share of the damages are due to the behavior of the major conferences, it's the non-majors who are being told to pay the majority of the settlement, which they are pushing back on.

Following the recent Ascension ransomware attack, legal challenges are mounting for the healthcare giant. Just days after the cyberattack disrupted operations across its extensive network of 140 hospitals, Ascension is facing two proposed class-action lawsuits. The lawsuits, filed in the District Courts of Illinois and Texas, allege negligence on Ascension's part, citing the failure to encrypt patient data as a critical oversight. This, plaintiffs argue, has exposed them to the risk of identity theft for years to come, following the Ascension cyberattack that forced the diversion of ambulances and the suspension of elective care services.

Class-Action Lawsuit Arises from Ascension Ransomware Attack

While Ascension has not confirmed any compromise of patient data, investigations are ongoing. Plaintiffs contend that had proper encryption measures been in place, data stolen by the cybercriminal group Black Basta would have been rendered useless, highlighting the negligence they claim Ascension displayed. We are conducting a thorough investigation of the incident with the support of leading cybersecurity experts and law enforcement," an Ascension spokesperson stated. "If we determine sensitive data was potentially exfiltrated or accessed, we will notify and support the affected individuals in accordance with all relevant regulatory and legal obligations”, reported Healthcare Dive on Thursday. The lawsuits, filed shortly after the Ascension ransomware attack, target the healthcare provider's alleged failure to implement adequate cybersecurity measures, a move plaintiffs argue could have prevented the incident. Both cases, represented by the same legal counsel, highlight the harm suffered by patients due to the exposure of their private information, which they assert was foreseeable and preventable.

Ascension Lawsuit and Mitigation Tactics

Despite ongoing investigations and assurances of cooperation with authorities, Ascension has yet to disclose whether patients' sensitive information was compromised during the cyber incident.  “Ascension continues to make progress towards restoration and recovery following the recent ransomware attack. We continue to work with industry leading forensic experts from Mandiant to conduct our investigation into this attack and understand the root cause and how this incident occurred”, stated Ascension on its Cybersecurity Event Update page.  In parallel, additional cybersecurity experts from Palo Alto Networks Unit 42 and CYPFER have been brought in to supplement the rebuilding and restoration efforts. The focus is on safely and swiftly bringing systems back online. “We are also working on reconnecting with our vendors with the help of our recovery experts. Please be aware that it may still take some time to return to normal operations”, added Ascension.  The Catholic health system, which spans 140 hospitals and 40 senior living facilities nationwide, employs a workforce of approximately 132,000 individuals. Despite the financial strain imposed by the Ascension ransomware attack, industry analysts note Ascension's robust liquidity and leverage position, offering a significant rating cushion against such one-off events. Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.

A class action lawsuit has been filed against J.P. Morgan Chase & Co., alleging that the financial giant failed to implement adequate security measures, leading to the exposure of sensitive personal data of its clients. Benjamin Valentine, a former employee of the Long Island Railroad, filed a complaint alleging that his personal information was improperly obtained in a recent J P Morgan data breach that compromised the accounts of thousands of users.

J P Morgan Data Breach Compromised Thousands of Users

[caption id="attachment_67262" align="alignnone" width="971"] Source: Chase[/caption] According to documents filed in the U.S. District Court for the Southern District of New York on May 3, Valentine's case is detailed in a Class Action Complaint (Case 1:24-cv-03438-JLR). The lawsuit contends that J.P. Morgan, a significant player in the financial industry offering a wide array of services to millions of customers, failed to adequately safeguard the personal information of its clients' employees, resulting in substantial harm. Valentine's complaint outlines how J.P. Morgan collected and maintained sensitive personally identifiable information (PII) of its clients' employees, including names, addresses, payment details, and Social Security numbers. This information, crucial for financial transactions and security, was compromised in the J P Morgan data breach and fell into the hands of cybercriminals. The lawsuit asserts that as a consequence of the breach, Valentine and approximately 451,000 other affected individuals suffered tangible damages, including invasion of privacy, identity theft, and the loss of trust and value in their personal information. Moreover, the breach exposed them to ongoing risks of fraud and further misuse of their data.

The Legal Action on J P Morgan

The legal action further alleges that J.P. Morgan's failure to implement adequate cybersecurity measures and its reckless handling of sensitive data contributed directly to the breach. Despite claims by J.P. Morgan that the breach was not the result of a cyberattack, the lawsuit argues that the company's negligence made it a target for such malicious activities. Valentine's complaint highlights J.P. Morgan's purported lack of transparency and timely notification regarding the breach, leaving affected individuals uninformed about the root cause and remedial actions taken. This, the lawsuit claims, exacerbates the emotional and financial distress experienced by victims. The Cyber Express has reached out to the organization to learn more about this J P Morgan data leak. However, J.P. Morgan has not provided an official statement regarding the cyber incident. Following the incident, a regulatory filing revealed that the breach stemmed from a software issue, which the company addressed promptly upon discovery. Valentine seeks various forms of relief through the lawsuit, including compensation for damages, injunctive relief, and reimbursement of legal fees. He is represented by the law firm Milberg Coleman Bryson Phillips Grossman LLC, based in Garden City, New York. As the legal proceedings unfold, The Cyber Express will be closely monitoring the situation and we’ll update this post once we have more information on the data breach or any new updates about the lawsuit.   Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.