The Financial Conduct Authority fined Equifax’s U.K. unit more than £11 million (U.S. $13.3 million) regarding the company’s 2017 data breach that affected approximately 13.8 million U.K. consumers.
Cybersecurity
Posted inEurope
EOS Matrix battles back against Croatian DPA in $5.8M GDPR case
Debt collector EOS Matrix said it will challenge a General Data Protection Regulation penalty levied against it by the Croatian data protection authority after finding the data in question in the case does not match the data in its database.
Posted inData Privacy
Expert: How data hoarding increases businesses’ cyber risks
Holding on to data for longer than necessary creates vulnerabilities for businesses by giving cyberattackers more avenues to access an organization’s computer systems.
Posted inRisk Management
OCC examiners to focus 2024 attention on risks that led to bank failures
Bank examiners from the Office of the Comptroller of the Currency are focusing their supervision attention on how banks manage risks that brought down three mid-sized financial institutions earlier this year.
Posted inRisk Management
MGM discloses $100M hit from cyberattack
MGM Resorts International said it expects to take a $100 million hit as part of the fallout of a cyberattack that has most significantly impacted its Las Vegas operations.
Posted inRisk Management
Expert: Clorox ‘trying to do the right thing’ with rapid cyberattack disclosures
The timing of a recent cyberattack against Clorox juxtaposed against the Securities and Exchange Commission’s adoption of its cybersecurity incident disclosure rule soon to take effect has presented a case study regarding how companies might seek to meet the requirements of the rule.
Posted inRegulatory Enforcement
Cybersecurity firm Intrusion to settle SEC fraud claims
Texas-based cybersecurity company Intrusion was charged with fraud by the Securities and Exchange Commission regarding alleged materially false and misleading statements made by its former chief executive.
Posted inAccounting & Auditing
California cybersecurity audit rule scope begins taking shape at CPPA meeting
A final version of California’s cybersecurity audit rules likely won’t be released until later next year at the earliest, according to a rough timeline discussed by the California Privacy Protection Agency.
Posted inEurope
Paying ransom to avoid GDPR fine an unwise gambit
Companies that think paying reduced ransomware demands would be a better move than informing regulators of a data breach and facing enforcement are playing with fire, according to experts.
Posted inRegulatory Enforcement
Verizon unit to pay $4.1M in cybersecurity false claims case
Verizon Business Network Services agreed to pay approximately $4.1 million to settle allegations levied by the Department of Justice regarding false claims caused by failure to fully implement cybersecurity controls required of a government contractor.
