A federal judge in California dismissed a lawsuit alleging a data breach at Walmart was a violation of the California Consumer Privacy Act, noting the plaintiff failed to prove a breach occurred.
Cybersecurity
Posted inRegulatory Enforcement
Robinhood Crypto anticipates $10M penalty for cyber, AML failures
Robinhood Markets said its cryptocurrency platform might face a penalty of “at least” $10 million from the New York State Department of Financial Services for anti-money laundering and cyber-security failures.
Posted inEurope
British Airways settles 2018 data breach class action
British Airways has settled one of the U.K.’s largest group actions after thousands of people sought compensation following a 2018 data breach that resulted in the airline being fined under the GDPR.
Posted inRisk Management
TPRM 2021: What to do before, during, and after a ransomware attack
Two risk and compliance practitioners opened their cyber-playbooks at CW’s TPRM virtual event, explaining how to identify and address vulnerabilities, establish transparency with vendors, and strengthen an organization’s incident management program.
Posted inRisk Management
Takeaways from NYDFS ransomware guidance
The New York State Department of Financial Services has issued guidance for regulated entities describing best practices for reducing the risk of a ransomware attack.
Posted inRisk Management
Pandemic effect on TPRM practices here to stay, expert warns
With many businesses still sorting through the new layers of risk that have emerged over the last 16 months, Linda Tuck Chapman of the Third Party Risk Institute shared her top areas of focus and more at CW’s virtual TPRM event.
Posted inRisk Management
Big week for breaches: McDonald’s, Carnival, and more
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
Posted inRegulatory Enforcement
First American Financial settles SEC charges for cyber-security failures
First American Financial Corp. reached a $487,616 settlement with the SEC for failing to maintain cyber-security disclosure controls and procedures that exposed more than 800 million title insurance records containing sensitive customer information.
Posted inRegulatory Policy
SEC rulemaking list 2021: ESG, cyber-risk governance among highlights
The SEC’s spring 2021 rulemaking list is brimming with proposed regulations that would enhance ESG-related disclosures for public companies in areas like climate change, board diversity, human capital management, and cyber-security risk governance.
Posted inRisk Management
JBS USA confirms $11M ransom payment to hackers
Meatpacker JBS USA announced it paid the equivalent of $11 million in ransom in response to a May cyber-attack that impacted its operations in North America and Australia.
