First American fined $1M by NYDFS over 2019 cybersecurity breach
By 
Adrianne Appel2023-11-29T19:05:00
A title insurance company agreed to pay a $1 million fine and implement stronger compliance measures for allegedly not securing customers’ personal data, particularly during a 2019 cybersecurity breach.
First American Title Insurance Company, the second largest title insurer in the nation, did not address a known vulnerability on its proprietary storage platform, EaglePro, before the issue was exposed by a cybersecurity journalist months later, according to the New York State Department of Financial Services (NYDFS). The regulator announced the action Tuesday.
Under the NYDFS’s 2017 Cybersecurity Regulation, First American was required to have controls in place to secure its customer data.
Related articles
-
News BriefVF discloses data breach impacted 35.5M customers
Apparel company VF Corp., the owner of brands including The North Face, Vans, and Timberland, disclosed its estimation approximately 35.5 million customers had their personal data stolen as part of a cybersecurity incident it uncovered in December.
-
News BriefGenesis Global Trading fined $8M by NYDFS over AML, cyber lapses
Virtual currency brokerage firm Genesis Global Trading agreed to pay an $8 million penalty levied by the New York State Department of Financial Services for alleged compliance failures that left it vulnerable to illicit activity and cybersecurity threats.
-
News BriefOneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
More from Regulatory Enforcement
-
ArticleFormer Credit Suisse compliance officer charged with money laundering
A compliance officer is facing charges for laundering $7 million in a complex legal case in Switzerland. Swiss prosecutors have charged Credit Suisse, and one of its former employees, with failing to maintain adequate controls.
-
News BriefCFPB humility pledge reshapes exam process, as agency faces uncertain future
The U.S. Consumer Financial Protection Bureau’s Supervision Division introduced a new “humility pledge” last month that examiners will read aloud at the start of each oversight engagement. It’s another shift in how the organization handles itself under the Trump administration.
-
ArticleSan Francisco firm pays $11.4M for alleged Russia-related sanctions violations
A San Francisco-based private equity firm has agreed to pay $11.4 million to settle allegations it violated U.S. sanctions rules by handling investments for a sanctioned Russian oligarch.