News & Analysis as of

Cybersecurity Third-Party Data Breach

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Spilman Thomas & Battle, PLLC

Decoded - Technology Law Insights, V 6, Issue 2, February 2025

Welcome to our second issue of 2025 of Decoded - our technology law insights e-newsletter. For those of you with an interest in the Corporate Transparency Act, Brienne Marco and Joe Unger report that the recent injunction...more

Clark Hill PLC

The Growing Cybersecurity Risks in the Cannabis Industry

Clark Hill PLC on

Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more

Mitratech Holdings, Inc

Red Flags In Your Vendor’s Business Continuity Plan

Ensure your vendors are crisis-ready by recognizing these key indicators of weak continuity planning. The interconnected nature of modern business means that your vendors’ operational resilience can, and frequently does,...more

Robinson+Cole Data Privacy + Security Insider

Privacy Tip #430 – GrubHub Confirms Security Incident Through Third Party Vendor

If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Wiley Rein LLP

Cyber Risks and Insurance 2025 Forecast

Wiley Rein LLP on

As we prepare to close the books on another eventful year in the cyber and privacy space, Wiley’s cyber insurance team is already making predictions for 2025. Q: So, let’s get right into it – based on your experience this...more

Paul Hastings LLP

China Enhances Scrutiny for Cross-Border Data Transfer that would Impact Multinational Companies

Paul Hastings LLP on

1. Introduction- China’s cross-border data transfer rules are unfolding in real time and taking clearer shape. On July 7, 2022, China’s cybersecurity regulatory agency, the Cyberspace Administration of China (“CAC”), issued...more

Jackson Lewis P.C.

Construction Industry: Data Security Considerations

Jackson Lewis P.C. on

No industry is immune to privacy and cybersecurity risks, and the construction industry is no exception. Those in the construction industry can protect against a potential cyberattack by understanding the risks and...more

Jackson Lewis P.C.

The RIPTA Data Breach May Provide Valuable Lessons About Data Collection and Retention

Jackson Lewis P.C. on

Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more

Cozen O'Connor

Water Filtration Retailer Settles Allegations Stemming From 2019 Data Breach

Cozen O'Connor on

New York AG Letitia James reached a settlement with online water filtration retailer Filters Fast LLC to resolve allegations that it failed to protect customers’ payment card information in a 2019 data breach in violation of...more

Jackson Lewis P.C.

Data Protection And The Role Of Vendor Management

Jackson Lewis P.C. on

The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security...more

Balch & Bingham LLP

Mortgage Analytics Company and FTC Agree to Settlement on Allegations Related to Third-Party Vendor Data Breach

Balch & Bingham LLP on

Ascension Data & Analytics LLC, a data analytics company for the mortgage industry, has entered into a proposed settlement agreement with the Federal Trade Commission (FTC) following allegations that it violated the...more

BakerHostetler

Steps to Develop a Mature Third-Party Risk Management Program With High-Risk Third Parties (Part 3)

BakerHostetler on

This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more

BakerHostetler

Steps to Develop a Mature Third-Party Risk Management Program with High-Risk Third Parties (Part 2)

BakerHostetler on

This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more

Patterson Belknap Webb & Tyler LLP

Millions of Patient Records Exposed in Breach at Medical Testing Giants’ Third-Party Vendor

It’s been a tough week for the healthcare industry. Just days after Quest Diagnostics reported a breach at a third-party vendor affecting approximately 11.9 million of its patients, LabCorp disclosed that a breach at the...more

Jackson Lewis P.C.

Should Companies Terminate Third Party Vendors That Cause A Data Breach?

Jackson Lewis P.C. on

According to reports, bank customers in Australia (yes, data breach notification requirements exist down under) have been affected by “an industry-wide” data breach experienced by a third-party service provider to the banks –...more

NAVEX

Vendor Risk & Data Security: Why Is This So Hard?

NAVEX on

Studies about vendor risk related to data security always fascinate me, because conceptually those risks are so similar to the vendor risk challenges corporate compliance officers face with anti-corruption — and yet, the...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - October 2018

In this month's edition of our Privacy & Cybersecurity Update, we examine the European Data Protection Board's published opinions on data protection impact assessments, an Ohio court's ruling that bitcoin is covered insured...more

Steptoe & Johnson PLLC

First Look - Summer 2018: Insurance Newsletter

Steptoe & Johnson PLLC on

Your company’s computer system has been compromised by a hacker. From your initial investigation, you discover that the hacker has accessed proprietary company information and customer information including Social Security...more

Thomas Fox - Compliance Evangelist

Day 17 of One Month to More Effective Continuous Improvement-Financial Health Monitoring

Continuous improvement can take many ways, shapes and forms. Typically, when it comes to third-party risks, a Chief Compliance Officer (CCO) or compliance professional will consider the ownership structure to see if there is...more

Foley & Lardner LLP

California Amends Definition of Personal Identifiable Information and Breach Notification Content Requirements

Foley & Lardner LLP on

On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more

Broker-Dealer Compliance + Regulation

SEC Charges Investment Adviser With Failure to Adopt Proper Cybersecurity Policies and Procedures

A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more

Proskauer on Privacy

SEC Announces Cybersecurity Enforcement Action

Proskauer on Privacy on

On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more

Alston & Bird

SEC Provides Additional Information On Cybersecurity Examinations

Alston & Bird on

On September 15, 2015, the Security and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to provide additional information on the areas of focus for its second round of...more

Foley Hoag LLP

OCIE’s 2015 Cybersecurity Examination Initiative

Foley Hoag LLP on

Second Round of Cybersecurity Examinations to Begin - On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing a...more

30 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide