Recent activity by the New York Department of Financial Services (NYDFS) and the Securities and Exchange Commission (SEC) highlight the continued focus by government regulators on cybersecurity. As these and other regulators...more
11/17/2023
/ Corporate Governance ,
Cybersecurity ,
Data Breach ,
Data Security ,
Financial Regulatory Reform ,
Financial Services Industry ,
NYDFS ,
Popular ,
Regulatory Agenda ,
Regulatory Reform ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
Securities Litigation
We have written here previously about the dramatic increase in cyberattacks on companies of all types since the start of the COVID-19 pandemic. Indeed, by some estimates, ransomware attacks have increased over 90% during the...more
Earlier this month, the New York State Department of Financial Services (NYDFS) announced a settlement and consent order with National Securities Corporation (National Securities) for $3 million in connection with National...more
4/27/2021
/ Compliance ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
Financial Institutions ,
Financial Services Industry ,
National Security ,
National Security Review Proceedings ,
New York ,
NYDFS ,
Popular ,
Settlement
On March 3, 2021, the New York State Department of Financial Services (NYDFS) announced a settlement with Residential Mortgage Services, Inc. (RMS) for $1.5 million in connection with its violation of the NYDFS Cybersecurity...more
3/8/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Enforcement Actions ,
Financial Services Industry ,
Government Agencies ,
Notification Requirements ,
Personal Data ,
Phishing Scams ,
Popular ,
Risk Assessment ,
Settlement ,
State and Local Government
On February 4, 2021, the Eleventh Circuit Court of Appeals issued a critical opinion addressing Article III standing in private data breach actions, which has been the subject of a closely watched circuit split.
The case,...more
3/2/2021
/ Appeals ,
Article III ,
Class Action ,
Consumer Information ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Injury-in-Fact ,
Personal Information ,
Popular ,
Standing
As the COVID era drags on, it is clear that work life “post-COVID” may be very different from life “pre-COVID.” This is especially true as it relates to IT security. More and more employees have shifted to a telecommuting...more
1/15/2021
/ Coronavirus/COVID-19 ,
Corporate Counsel ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Employees ,
Employer Liability Issues ,
Multi-Factor Authentication ,
Network Security ,
Remote Working ,
Telecommuting ,
Virtual Private Networks
On October 28, 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) issued a...more
10/30/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
FBI ,
Federal Agency Taskforce ,
Healthcare ,
Healthcare Facilities ,
Malware ,
Public Health ,
Ransomware
On October 8, 2020, Community Health Systems, Inc. (Community Health) and its subsidiary CHSPSC, LLC entered into a settlement agreement with 28 states for $5 million to resolve claims related to a 2014 data breach. Community...more
On September 15, 2020, the New York Attorney General’s Office (NYAG) announced a settlement with Dunkin’ Brands, Inc. (Dunkin) in connection with a September 2019 lawsuit brought by the NYAG against Dunkin for alleged...more
On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors...more
9/18/2020
/ Broker-Dealer ,
Compliance ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Protection ,
Identity Theft ,
Investment Adviser ,
Popular ,
Risk Alert ,
Securities and Exchange Commission (SEC)
On May 26, 2020, a United States Magistrate Judge in the Eastern District of Virginia ordered Capital One to disclose to class action plaintiffs a report prepared by Mandiant, a cyber forensics firm, for Capital One’s outside...more
As the COVID-19 pandemic continues to demand the attention of corporate leaders and the public at large, businesses have likely had little time to get up to speed on New York’s new data breach notification law, the Stop Hacks...more