NYDFS Issues Report on the SolarWinds Attack and Covered Entities’ Responses

Kate Hanniford of Alston & Bird writes:

Following the SolarWinds cyber espionage attack (the “Attack”) and the resulting focus on supply chain risk, the New York Department of Financial Services (NYDFS) has issued a report detailing the impact on and responses by its regulated covered entities to the Attack. Although there have been no reported instances of active exploitation of DFS-regulated companies as a result of the Attack, the networks of approximately 100 DFS-regulated companies were compromised as a result of the Attack.

IVF provider Genea notifies patients about the cyberattack earlier this year.
Clorox Files $380M Suit Alleging Cognizant Gave Hackers Passwords in Catastrophic 2023 Cyberattack
France Travail: At least 340,000 job seekers victims of new hack
Legal Silence and Chilling Effects: Injunctions Against the Press in Cybersecurity
PowerSchool commits to strengthened breach measures following engagement with the Privacy Commissioner of Canada
Two more entities have folded after ransomware attacks

Related: