Latest Posts › Data Breach

Share:

Pennsylvania Amends Data Breach Notification Law

Pennsylvania’s Governor recently approved amendments to the Commonwealth’s data breach notification law, which represent a significant overhaul to the law. As detailed below, the amended law makes a number of material...more

Board Oversight and Cyber Breach Response: What Involvement Strikes the Right Balance?

New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant...more

Top 10 Issues General Counsel Need to Know About Ransomware in 2024

Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more

FCC Plans to Update Data Breach Notification Rules

After a decade and a half under the current data breach notification rules for telecommunications carriers and telecommunications relay services (TRS) providers, the FCC recently unveiled plans to update and expand them....more

Ransomware Group, in Midst of Extortion Attempt, Files Regulatory Notice with SEC

Just a month before the Security and Exchange Commission’s (“SEC’s”) Material Cybersecurity Incidents Rule is set to take effect, a ransomware group has apparently taken compliance with reporting requirements into its own...more

FTC Approves New Data Breach Notification Requirement for Nonbanking Financial Institutions

With an amendment to its Safeguards Rule, the Federal Trade Commission has joined other federal agencies regulating cybersecurity breaches. Our Privacy, Cyber & Data Strategy Team analyzes how the amendment will affect...more

FTC Approves New Data Breach Notification Requirement for Non-Banking Financial Institutions

On October 27, 2023, the FTC approved an amendment to the Safeguards Rule (the “Amendment”) requiring that non-banking financial institutions notify the FTC in the event of a defined “Notification Event” where customer...more

CL0P Ransomware Gang’s Exploitation of MOVEit Vulnerability: What It Means for Companies

On June 7, 2023, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a Joint Cybersecurity Advisory in connection with a recent zero-day (or previously...more

FTC Takes Action Against Ed Tech Provider for Failure to Secure Student’s Personal Information

On October 31, 2022, the Federal Trade Commission (FTC) announced it has taken action against education technology provider Chegg Inc. (“Chegg”) for its “careless” cybersecurity practices that exposed sensitive personal...more

NYDFS Announces Significant Cybersecurity Settlement with EyeMed Vision Care

On October 18, 2022, EyeMed Vision Care LLC (“EyeMed”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) relating to a cybersecurity event from 2020 that exposed consumer nonpublic...more

Maryland Amends Data Breach and Reasonable Security Requirements

Maryland recently passed House Bill 962, amending Maryland’s Personal Information Protection Act (PIPA) (Md. Code Ann. Comm. Law 14-3504). As summarized below, House Bill 962 amends certain aspects of PIPA relating to breach...more

The Cybersecurity Incident Reporting Requirements Fail in the Latest Version of the National Defense Authorization Act

On December 7, 2021, the House of Representatives passed the National Defense Authorization Act for Fiscal Year 2022 (NDAA), which notably excluded any cybersecurity incident reporting requirements. In September, the House...more

China’s Initial Draft Regulations on the Management of Online Data Security: Important Takeaways

On November 14, 2021, the Cyberspace Administration of China (CAC) released draft Regulations on the Management of Online Data Security (the “Regulations”) for China’s data privacy and security laws, including the...more

U.S. and Allies Formally Accuse China of Microsoft Hack and Cyberespionage

On July 19, 2021, the Biden administration, along with a group of allies publicly accused the Chinese government of malicious cyber activities and irresponsible state behavior.  The joint announcement states the U.S....more

14 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide