T-Mobile agreed to create a $350 million fund and spend an additional $150 million on improving its data security to settle a class-action lawsuit related to a 2021 hack that exposed the personal information of more than 76 million customers.
Cybersecurity
Posted inRegulatory Enforcement
Chinese regulator fines Didi $1.2B for data security violations
The Cyberspace Administration of China levied fines of more than ¥8 billion (U.S. $1.2 billion) against ridesharing platform Didi Global and ¥1 million (U.S. $148,000) against two company executives for violating the country’s data security regulations.
Posted inRegulatory Enforcement
Aerojet Rocketdyne to pay $9M in cybersecurity whistleblower case
Aerojet Rocketdyne has agreed to pay $9 million to resolve allegations raised by a whistleblower that the aerospace and defense manufacturer misled the federal government regarding its compliance with cybersecurity requirements in certain contracts.
Posted inAccounting & Auditing
Survey: Inflation, climate risk top audit partner economic concerns for 2022
The economy, cybersecurity, climate change, and cryptocurrency are among top concerns for the year ahead expressed by U.S. public company audit partners as part of a new Center for Audit Quality survey.
Posted inRegulatory Enforcement
NYDFS penalizes Carnival $5M for cybersecurity failures
The New York State Department of Financial Services announced a $5 million penalty against Carnival Corp. for “significant” cybersecurity failures, including not implementing basic protocols to prevent four separate data breaches from 2019-21.
Posted inRegulatory Enforcement
Carnival reaches $1.25M settlement over 2019 data breach
Carnival Cruise Line reached a $1.25 million settlement with 46 attorneys general stemming from its 2019 data breach that involved the personal information of 180,000 Carnival employees and customers nationwide.
Posted inRisk Management
Five prevailing themes from TPRM Summit
Editor In Chief Kyle Brasseur recaps popular points of discussion across Compliance Week’s two-day Third-Party Risk Management Summit held in Chicago.
Posted inAnti-Bribery
Survey: Cyber threats, remote work, financial pressures key ABC concerns for 2022
Compliance programs globally expect to shoulder more responsibilities in 2022, according to Kroll’s latest Anti-Bribery and Corruption Benchmarking Report.
Posted inRegulatory Enforcement
SEC commissioners address CCO liability, crypto regulation, more at CW2022
Two SEC commissioners from opposite sides of the political aisle took slightly different positions on how to assess the liability of poor performing chief compliance officers as part of the Day 2 opening keynote at Compliance Week’s National Conference.
Posted inRegulatory Enforcement
SEC to increase staffing around crypto asset-related investigations
The Securities and Exchange Commission announced plans to nearly double the number of employees assigned to its Cyber Unit, which has had its name changed to emphasize the agency’s pursuit of crypto asset-related investigations.
