Latest Publications

Share:

DFS Issues New Guidance Regarding Cybersecurity Regulation and the Adoption of an Affiliate’s Cybersecurity Program

On October 22, 2021, the New York State Department of Financial Services (“DFS”) issued new Guidance regarding a Covered Entity’s compliance with New York’s Cybersecurity Regulation where the Covered Entity relies on the...more

Massive T-Mobile Data Breach Reignites Calls for National Privacy and Data Security Law

A little over two weeks ago, T-Mobile became the latest victim of a cyberattack when more than 50 million of their customers’ data was stolen.  In the ensuing weeks, three class action suits have been filed against the...more

New York City Enacts A Biometric Privacy Law

Earlier this year, New York City passed a law restricting the collection and/or use of biometric technology by certain businesses.  The new law goes into effect July 9, meaning applicable businesses have a couple more weeks...more

Biden Administration Sets Sights on Cybersecurity with Executive Order

The Biden Administration is zeroing in on cybersecurity.  In the wake of a high-profile wave of cyberattacks, including the SolarWinds supply chain attack and the more recent Colonial Pipeline ransomware attack, President...more

Forensic Analysis and Privilege in the Wake of a Data Breach

In the wake of a data breach, counsel will often require the assistance of a forensic firm in order to provide legal advice to their client. The forensic analysis—which is often memorialized in a report to counsel—is crucial...more

Win for Walmart as District Court Gives Strict Reading to CCPA

In a win for data privacy defendants, Walmart secured a ruling that favors a narrow interpretation of the California Consumer Privacy Act (CCPA).  In Gardiner v. Walmart Inc. et al, 4:20-cv-04618-JSW, a Walmart customer,...more

Hack of IT Service Provider May Affect Thousands of Private Businesses

On December 13, the software and service provider SolarWinds announced that its Orion software platform had been the target of a sophisticated cyber-attack that may have resulted in malicious code being pushed to as many as...more

Supreme Court Hears Oral Argument in Landmark CFAA Case

The United States Supreme Court heard oral argument on Monday in Van Buren v. United States, No. 19-783, a landmark case involving a key provision of the Computer Fraud and Abuse Act (“CFAA”). At issue was whether a person...more

Ransomware Attacks During COVID-19

As we previously described and as reflected in the rapidly increasing number of cyber-attacks since its start, the COVID-19 pandemic has triggered a shift in working practices that hackers and other bad actors are using to...more

New York DFS Announces First Cybersecurity Enforcement Action

The New York Department of Financial Services (“DFS”) recently initiated its first enforcement action against a company for violating DFS’s first-in-the-nation cybersecurity regulation. As our readers know, we have written...more

The Minted Complaint: Another Case Brought Under the CCPA’s Private Right of Action

Well before the California Attorney General’s power to enforce the California Consumer Privacy Act (CCPA) commenced on July 1, 2020, as we have recently reported, private plaintiffs had already jumped into the fray, suing...more

Magistrate Judge Finds Data Breach Investigation Report Not Privileged

Last week, a magistrate judge in the Eastern District of Virginia held that a breach report prepared by Mandiant (a digital forensics investigator, among other things) in response to the Capital One data breach was not...more

New York State AG Probe of Zoom Results in Enhanced Cybersecurity Practices

The Zoom videoconferencing platform has been a constant fixture in recent news as the coronavirus pandemic has caused businesses around the world to flock to it, exposing significant cybersecurity and privacy concerns. These...more

Supreme Court Grants Cert to Resolve Long-Standing CFAA Circuit Split

We have previously written about the thorny questions surrounding the Computer Fraud and Abuse Act (“CFAA”), including how its ambiguous language concerning what computer use is “authorized” has divided the Circuits and how...more

DFS Extends Cybersecurity Certification Deadline to June 1, 2020

In response to the COVID-19 pandemic, the New York Department of Financial Services (DFS) recently extended by 45 days the deadline for companies to certify compliance with the DFS cybersecurity regulation. ...more

Court Approves Historic Equifax Data Breach Settlement

The aftermath from one of the largest data breaches in U.S. history is nearing the end, as the presiding judge approved a proposed class action settlement resolving claims arising from Equifax’s September 2017 data breach. ...more

Countdown to the California Consumer Protection Act: Charting a Course to CCPA-Readiness

The California Consumer Privacy Act (“CCPA”) becomes operative on January 1, 2020. See Cal Civ. Code § 1798.100 et al. To date, the CCPA is the most sweeping consumer privacy law in the United States, covering most for-profit...more

Home Depot Joins Facebook and Others in Facing Suit for Scanning Faces

This past week, The Home Depot, Inc. became the latest business hit with a class action lawsuit for their use of facial recognition security cameras allegedly in violation of the Illinois Biometric Information Privacy Act. ...more

Capital One Hack Prosecution Raises New and Old Questions about Adequacy of CFAA

On August 28, 2019, almost a month after Paige A. Thompson was arrested based on allegations that she hacked into servers rented by Capital One Financial Corporation, a criminal indictment was returned charging her with one...more

The Perils of Sharing Privileged Communications with Third-Party Vendors

On May 6, 2019, Magistrate Judge Gorenstein issued an order that should be a wake-up call for attorneys contemplating hiring and sharing privileged communications with an outside public relations firm. This decision also has...more

A Closer Look at the CCPA’s Private Right of Action and Statutory Damages

The California Consumer Privacy Act (CCPA) has significantly altered the potential consequences of a data breach under California law by permitting California consumers to bring civil suits for statutory damages, Cal. Civ....more

New York Launches Cybersecurity Unit

Today, New York’s top financial regulator, the Department of Financial Services, announced the formation of a dedicated “Cybersecurity Division.” In a news release issued earlier today, the agency said the new division “will...more

FBI Reports An Increasing Rate Of Internet-Facilitated Crime

The FBI’s Internet Crime Complaint Center, better known as IC3, released its 2018 Internet Crimes Report. For those unfamiliar with the IC3, it was established by the FBI in May 2000 as a central repository for public...more

FBI’s Brief Expands to Combat Cyber Threats

The nation’s top law enforcement agency is rebooting its cybercrime capabilities. In an effort to keep up with the evolving threats against property, critical infrastructure and human life posed by cyber-attacks –especially...more

In Warning Shot to Foreign Hackers, U.S. Indicts Two Iranian Nationals for Massive Ransomware Attacks

Yesterday, the United States indicted two Iranian hackers for their roles in a series of major ransomware attacks that started in 2016 and lasted almost three years. The attacks crippled schools, hospitals, the private...more

80 Results
 / 
View per page
Page: of 4

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide