Press Release of November 28: The New York State Department of Financial Services (DFS) today announced that First American Title Insurance Company (First American) will pay a $1 million penalty to New York State for violations of DFS’s Cybersecurity Regulation (23 NYCRR Part 500) stemming from a large-scale cybersecurity breach in May 2019. The breach…
Category: State/Local
States settle with Morgan Stanley for $6.5 million over data security incidents
In addition to Florida, represented by Consumer Protection Division Multistate and Privacy Bureau Chief Patrice Malloy and Senior Assistant Attorney General Diane Oates, the following states joined the action: Connecticut, Indiana, New Jersey, New York and Vermont. To view a copy of the agreement, click here. Source: MyFloridaLegal.com
Minnesota schools turn to voters, plead for lawmaker help in fending off cyberattacks
Dana Ferguson reports: Faced with a growing threat of cybersecurity breaches, school districts around the country and in Minnesota are turning to local taxpayers and state officials for help in building up their defenses. Voters in at least 17 communities last week weighed ballot questions letting local districts raise tax levies for cybersecurity improvements; more…
New York Plans Cyber Rules for Hospitals
James Rundle reports: New York regulators Monday plan to issue cybersecurity regulations for hospitals, after a series of attacks crippled operations at medical facilities. Under draft rules reviewed by The Wall Street Journal, New York will require general hospitals to develop and test incident response plans, assess their cybersecurity risks and install security technologies such…
NYDFS Updates Its Cybersecurity Regulation to Protect Against Growing Cyber Threats
Hunton Andrews Kurth writes: On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation. The NYDFS, which regulates financial institutions including insurance companies, mortgage brokers and banks, adopted the…
NY Financial Regulator Rolls Out Updated Cybersecurity Standards
Skye Witley reports: New York regulators assigned heightened cybersecurity requirements to banks, insurers, and financial services providers based in the state with the release of finalized rule amendments Wednesday. Covered entities will have to use multifactor authentication, expand cybersecurity governance duties, and conduct consistent threat testing under the regulation updated by the New York Department of Financial…