The Briefing: Failure to Disclose Relationship with Real Party in Interest Results in Serious Sanctions
Podcast: The Briefing - Failure to Disclose Relationship with Real Party in Interest Results in Serious Sanctions
Joseph Sullivan, Uber’s beleaguered former Chief Information Security Officer, was back in the news last month when he appealed his 2023 conviction for his role in concealing a 2016 breach of Uber’s network and customer data....more
On October 22, 2024, the Securities and Exchange Commission (“SEC”) filed settled enforcement orders involving four current and former public companies – Unisys Corp., Avaya Holdings Corp., Check Point Software Ltd, and...more
A New Your federal district judge handed down a significant decision dismissing much of the SEC’s securities fraud enforcement action against SolarWinds arising from its claims relating to SolarWinds’ cybersecurity policies,...more
In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...more
The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more
In a first, bold move by the Securities and Exchange Commission (SEC) following its new Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies, issued on July 26, 2023, this...more
The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer...more
On October 5, 2022, after a monthlong jury trial, former Uber Chief Information Security Officer Joseph Sullivan was found guilty of obstructing proceedings of the Federal Trade Commission (FTC) and misprision of a felony...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
The U.S. Securities and Exchange Commission announced on April 24, 2018 that Yahoo! (now known as Altaba, Inc.) agreed to pay a $35 million civil penalty to resolve claims that it failed to appropriately and timely disclose...more
The Situation: The SEC accused Altaba Inc., then known as Yahoo! Inc., of misleading investors by failing to disclose a major data breach orchestrated by Russian hackers. The Result: Altaba has agreed to pay $35 million to...more
The fallout from the Yahoo data breaches continues to illustrate how cyberattacks thrust companies into the competing roles of crime victim, regulatory enforcement target and civil litigant. ...more
The Securities and Exchange Commission (SEC) has undertaken its first enforcement action in connection with a public company’s failure to timely disclose cyber-issues. Last month, Altaba Inc., the former Yahoo! Inc. (Yahoo!),...more
On April 25, the Securities and Exchange Commission announced a settlement with Yahoo that constituted its first enforcement action against a public company for failing to disclose a data breach. This settlement...more
In the aftermath of the April 24, 2018, Securities and Exchange Commission (SEC) statement announcing its penalty against Altaba Inc., formerly Yahoo! Inc. (Yahoo!), for failing to timely report a massive data breach,...more
The U.S. Securities and Exchange Commission announced on April 24, 2018, that Yahoo! — now known as Altaba — agreed to pay a $35 million penalty to settle claims that the company failed to timely disclose a 2014 data breach...more
In late April 2018, the SEC and Altaba (formerly known as Yahoo!) agreed to a $35 million penalty to settle charges that Yahoo! misled investors by failing to disclose to investors its December 2014 data breach in which...more
On April 24, 2018, the Securities and Exchange Commission (the “SEC”) announced that Altaba Inc. (f/k/a Yahoo! Inc.) agreed to pay a $35 million penalty relating to charges that it misled investors with respect to disclosure...more
On April 24, 2018, the Securities Exchange Commission (SEC) announced a $35 million fine against the company formerly known as Yahoo! Inc. (now known as Altaba, Inc.) for failing to disclose a massive cyber data breach to its...more
Much has already been written about the SEC’s enforcement action involving Yahoo’s failure to adequately disclose a cyberbreach.1 I am writing about something that the SEC’s announcement and order did not address and...more
The Securities and Exchange Commission’s $35 million settlement with Altaba Inc., the successor in interest to Yahoo! Inc., is the first civil penalty of its kind for a data breach and underscores the agency’s increasing...more
The Securities and Exchange Commission (the “SEC”) announced Tuesday that Altaba, the entity formerly known as Yahoo! Inc., has agreed to pay a $35 million penalty to settle charges that it misled investors by failing to...more
On March 2, Yahoo, Inc. (“Yahoo”) filed a proposed settlement in In re Yahoo Inc. Securities Litigation, which was filed in U.S. District Court in San Francisco. ...more