News & Analysis as of

Securities and Exchange Commission (SEC) Enforcement Actions Data Breach

Sheppard Mullin Richter & Hampton LLP

SEC Continues its Cybersecurity Focus, Settles with Company over Lax Security Measures

The SEC recently issued an order and settlement against a company from a pair of cyberattacks in which millions of dollars of client funds were stolen. While the company was able to recover a portion of the funds and...more

Alston & Bird

The Digital Download – Alston & Bird’s Privacy & Data Security Newsletter – August 2024

Alston & Bird on

Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more

Woodruff Sawyer

Violent Delights, Violent Ends? Two Possible Futures of SEC Cyber Regulation

Woodruff Sawyer on

What do the SolarWinds ruling and other recent developments mean for the future of the SEC’s cyber regulatory program? Will the SEC’s “lack of moderation” result in “violent ends” for its cyber agenda? Or will the current...more

Holland & Knight LLP

SEC Cyber Enforcement Update: Which Way Are the SolarWinds Blowing? (Update)

Holland & Knight LLP on

This Holland & Knight blog post is the second installment in a two-part series that examines the challenges to the U.S. Securities and Exchange Commission's (SEC) charges in its landmark case against SolarWinds Corp....more

BCLP

SDNY Dismisses Majority of SEC Landmark Charges Against SolarWinds and CISO

BCLP on

On July 18, 2024, District Court Judge Engelmayer of the Southern District of New York issued his 107-page opinion and order dismissing most – but not all – of the landmark allegations of the SEC against SolarWinds Corp. and...more

Parker Poe Adams & Bernstein LLP

Key Lessons for Cybersecurity and IT Leaders From Judge's Recent Fraud Decision in SEC Case Against SolarWinds

On July 18, a New York federal judge threw out most of the SEC’s claims brought against both SolarWinds Corp. and the company’s chief information security officer (CISO), Timothy Brown....more

Patterson Belknap Webb & Tyler LLP

SEC Settlement: Cybersecurity Internal Controls

On June 18, 2024, the Securities and Exchange Commission (“SEC”) announced a $2.1 million civil penalty settlement of charges against R.R. Donnelley & Sons (“RRD”), a global provider of business communications services and...more

Troutman Pepper

SEC Issues Additional Guidance Regarding Cybersecurity Incident Disclosure

Troutman Pepper on

On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more

Thomas Fox - Compliance Evangelist

Navigating the New Frontier: SEC’s Enforcement Action on RR Donnelley and its Implications for Compliance

In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...more

The Volkov Law Group

SEC Expands Internal Controls Provision to Cover Cybersecurity Incidents and Reaches $2.1 Million Settlement with R.R. Donnelley &...

The Volkov Law Group on

In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures. ...more

Foley Hoag LLP - Security, Privacy and the...

AT&T/Snowflake Breach Hits Most of US - Vendor Exposure Strikes Again

AT&T Inc. announced in a July 12, 2024, SEC filing that hackers stole a cache of six months’ worth of mobile phone customer data, illegally downloading the records from a workspace account at the cloud-service provider...more

Holland & Knight LLP

SEC Expands Scope of Internal Accounting Controls in Cybersecurity Breach Settlement

Holland & Knight LLP on

The SEC continues to expand its cybersecurity enforcement authority to include allegations that a company's failure to monitor its managed security service providers (MSSP) amounts to violations of federal securities laws....more

Faegre Drinker Biddle & Reath LLP

FINRA to Member Firms: “You Heard the SEC, Create Plans for Data Breaches Now!”

On May 15, 2024, the SEC announced it would make amendments to Regulation S-P (Reg S-P). This will be the first amendment to the regulation since its adoption 24 years ago in 2000. The regulation focuses on how institutions...more

Dechert LLP

Dechert Cyber Bits - Issue 56

Dechert LLP on

SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach - On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more

Seward & Kissel LLP

SEC Adopts Data Privacy Rule Amendments to Regulation S-P

Seward & Kissel LLP on

Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more

Baker Donelson

[Webinar] New Privacy and Cybersecurity Regulations: What Financial Institutions Need to Know to Stay Compliant - June 13th, 10:00...

Baker Donelson on

The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more

Robinson+Cole Data Privacy + Security Insider

Intercontinental Exchange Settles with SEC Over Alleged Delay in Notification of Hack

Intercontinental Exchange, Inc. (ICE), the owner of the New York Stock Exchange, has agreed to settle with the Securities and Exchange Commission (SEC) for $10 million over allegations that it failed to timely notify the SEC...more

Eversheds Sutherland (US) LLP

A Measured Approach - US Cybersecurity and Data Privacy Review and Update: Looking back on our 2023 articles and planning ahead...

Technological advances, especially in Artificial Intelligence and quantum computing, will continue to amaze in the coming years. They will open up vast new opportunities while presenting profound regulatory, litigation, and...more

A&O Shearman

Chief information Security Officers and cyber whistleblowing: considerations for boards and breach response teams

A&O Shearman on

At this point, it is self-evident that companies are grappling with an ever-evolving (think: tougher) cyber risk terrain. However, two recent cases against companies and their Chief Information Security Officers (CISOs),...more

WilmerHale

FTC Enters Consent Agreement With Blackbaud Following Major Data Breach

WilmerHale on

On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more

Thomas Fox - Compliance Evangelist

Solar Winds Under GDPR: Corporate Responsibility and Risks in Data Protection

The General Data Protection Regulation (GDPR) has brought about significant changes in the way organizations handle data protection and privacy. It emphasizes the importance of transparency and honesty in disclosing data...more

Sheppard Mullin Richter & Hampton LLP

For Limited Use Only: Guidance on National Security Delay Determinations under the SEC Cyber Reporting Rule

On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more

A&O Shearman

SEC Brings Groundbreaking Claims Against Company For Fraud Relating To Data Breach

A&O Shearman on

On October 30, 2023, the Securities and Exchange Commission filed claims against a software company (the “Company”) and its Chief Information Security Officer for alleged fraud and internal control failures relating to known...more

Holland & Knight LLP

Winds of Change: SEC's SolarWinds Lawsuit Signals Hotter Cybersecurity Enforcement

Holland & Knight LLP on

The SEC on Oct. 30, 2023, filed a landmark cybersecurity enforcement action against SolarWinds Corp. (SolarWinds) and the company's current Chief Information Security Officer (CISO) Timothy Brown. The SEC's complaint alleges...more

Thomas Fox - Compliance Evangelist

SEC, Solar Winds and Compliance

The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more

139 Results
 / 
View per page
Page: of 6

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide