In recent years, data breaches have escalated from isolated technical issues to significant legal battles. Businesses are witnessing a sharp rise in data breach lawsuits, underscoring the growing legal risks associated with...more
On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more
The New York State Department of Financial Services (NYDFS) and the Attorney General’s office have recently imposed significant fines totalling $11.3 million on Geico and Travelers for data breaches that compromised the...more
President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more
Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more
Cyber incidents have surged in recent years, with attacks more than doubling since 2020 and the number of victims totaling in the hundreds of millions in 2023 alone. These incidents can cost organizations millions or even...more
As part of the Biden Administration’s efforts to align energy cybersecurity efforts across the country, the U.S. Department of Energy (“DOE”) has funded the release of a set of energy distribution cybersecurity baselines for...more
California continues to lead on data privacy protection. Since the adoption of the California Consumer Privacy Act (CCPA), cracking down on data breaches and promoting consumer privacy has remained a priority in the state....more
The SEC, through its Office of Compliance Inspections and Examinations (“OCIE”), recently issued its most detailed cyber guidance to date. OCIE had previously issued several cybersecurity risk alerts over the past few years....more
The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more
Although organizations have dealt with privacy issues for years, only in the past decade have they begun to view the complexities of privacy as requiring formal organizational structure, dedicated employees, and/or dedicated...more
Tom Curry, a partner in Nutter’s Corporate and Transactions Department and a co-leader of the firm’s Banking and Financial Services Group, and Seth Berman, a partner and leader of Nutter’s Privacy and Data Security practice...more
About twelve years ago, when most people had never heard the term “data breach”, a colleague asked me what type of law I practiced. I tried to explain that I helped companies collect, secure, and share data, and, when data...more
Nossaman LLP and University of California, Irvine School of Law invite you to join us for "Cybersecurity, Data Breach, and Privacy: A Real World Perspective on Prevention, Response and the Future." This complimentary...more
The receipt, storage, and handling of sensitive shipper data occurs, often frequently and in real-time, alongside the flow of goods. Commercial shippers are well aware of the supply chain security risk to the materials and...more
HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more
What is it? This new variation of Petya (“Little Peter” in Russian) is more robust ransomware than last month’s North Korean WannaCry ransomware. It has no kill switch, and it encrypts entire hard drives, not just individual...more
The WannaCry ransomware attack was first reported on Friday, May 12. Within hours, it shut down thousands of computer systems, locking users out of their own files. The latest report estimates over 300,000 computers in 150...more
Although statistics vary, in 2015 there were approximately 3930 incidents involving data loss and, according to one watchdog group, those incidents impacted over 736 million consumer records. Many of those data security...more