Arendse Huld writes: China has been expanding its legal framework for cybersecurity and data protection in recent years, with further advancements seen in 2023. This year witnessed the refinement of legal requirements governing the procedures to export personal information (PI), bringing further clarity to the responsibilities and accountabilities of companies. At the same time, 2023…
Category: Breach Laws
Sg: 665,000 MBS members data leak: Govt to investigate if there was ‘significant harm’
Khine Zin Htet reports: On Nov. 7, 2023, MBS announced a breach of the personal data of 665,000 Marina Bay Sands (MBS) LifeStyle reward members by an “unknown third party” on Oct. 19 and 20, 2023. Following that, the government addressed the data breach during a parliamentary sitting held on Nov. 22. […] MBS discovered…
Australian Privacy Regulator Sues in MedLab Pathology Data Breach Case
Hunton Andrews Kurth writes: Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty (i.e., a fine) in connection with the company’s response to a data breach that occurred in February…
NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats
Hunton Andrews Kurth writes: On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation. The NYDFS, which regulates financial institutions including insurance companies, mortgage brokers and banks, adopted the…
AU: ASIC modifies licensees’ breach reporting obligations
Rachel Walker and Elouise Casey of Dentons write: Failure to comply with the mandatory breach reporting regime is arguably the canary in the coal mine for regulatory compliance to Australian Securities and Investments Commission (ASIC). We are expecting ASIC’s second annual report on the regime to be published very shortly, and we expect compliance has not…
Pennycuick Measure Providing Free Credit Monitoring for Data Breach Victims Approved by Pennsylvania Senate
Pennsylvania Senate Republicans write: The state Senate today approved bipartisan legislation sponsored by Sen. Tracy Pennycuick (R-24) to strengthen notification requirements for data breaches and provide affected citizens with free credit monitoring and a credit report. Senate Bill 824, introduced with Sen. Jimmy Dillon (D-5), would provide citizens affected by a data breach a free credit report…