On November 8, 2021, New York Governor Kathy Hochul signed into law A.430/S.2628, which requires private employers with a place of business in New York State to provide their employees prior written notice, upon hiring, of any electronic monitoring, as defined in the Act, to which the employees will be subjected by the employer.
Continue Reading New York State Requires Private Employers to Notify Employees of Electronic Monitoring
FTC Recommends Steps to Protect Against Ransomware
On November 5, 2021, the Federal Trade Commission suggested two preventative steps small businesses can take to protect against ransomware risks. This post provides a summary of the steps.
Continue Reading FTC Recommends Steps to Protect Against Ransomware
Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds
As reported on the Hunton Retail Law Blog, the U.S. Court of Appeals for the Second Circuit has affirmed the dismissal on Article III standing grounds of a data breach class action predicated on an alleged increased risk of identity theft. Notably, the district court that dismissed the action raised the issue of standing sua sponte in advance of a scheduled class settlement fairness hearing.
Continue Reading Second Circuit Affirms Dismissal of Data Breach Class Action on Article III Standing Grounds
Court Authorizes FBI to Remove Web Shells from Compromised Microsoft Exchange Servers
On April 13, 2021, the U.S. Department of Justice announced that the Federal Bureau of Investigation executed a court-authorized removal of malicious web shells from hundreds of vulnerable computers in the U.S. …
Continue Reading Court Authorizes FBI to Remove Web Shells from Compromised Microsoft Exchange Servers
NYDFS Settles with Mortgage Company for Data Breach
The New York Department of Financial Services recently announced it had entered into a settlement with Residential Mortgage Services, Inc. related to allegations that the company violated the NYDFS Cybersecurity Regulation in connection with a 2019 data breach. …
Continue Reading NYDFS Settles with Mortgage Company for Data Breach
UK ICO Fines Pensions Release Provider for Unsolicited Marketing Emails
The UK Information Commissioner’s Office has issued a Monetary Penalty Notice to pensions release provider Grove Pensions Solutions Ltd, fining it £40,000 after the company used contact details collected by a third party for its direct marketing campaign.
Continue Reading UK ICO Fines Pensions Release Provider for Unsolicited Marketing Emails
UK ICO Fines Vote Leave £40,000 for Unsolicited Texts
The UK’s Information Commissioner’s Office has fined Vote Leave Limited (the UK’s official Brexit campaign) £40,000 for sending almost 200,000 unsolicited texts promoting the aims of the campaign.
Continue Reading UK ICO Fines Vote Leave £40,000 for Unsolicited Texts
HHS Publishes Health Industry Cybersecurity Practices
The U.S. Department of Health and Human Services recently published “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” which was developed by the Healthcare & Public Health Sector Coordinating Councils Public Private Partnership, a group comprised of over 150 cybersecurity and healthcare experts from government and private industry.
Continue Reading HHS Publishes Health Industry Cybersecurity Practices
Sixth Circuit Declines Reconsideration of American Tooling Center’s “Spoofing” Win
Recently, the Sixth Circuit rejected Travelers Casualty & Surety Company’s request for reconsideration of the court’s July 13, 2018, decision confirming that the insured’s transfer of more than $800,000 to a fraudster after receipt of spoofed emails was a “direct” loss that was “directly caused by” the use of a computer under the terms of…
Second Circuit Stands By Medidata “Spoofing” Decision
The Second Circuit has rejected Chubb subsidiary Federal Ins. Co.’s request for reconsideration of the court’s July 6, 2018, decision, confirming that the insurer must cover Medidata’s $4.8 million loss under its computer fraud insurance policy.
Continue Reading Second Circuit Stands By Medidata “Spoofing” Decision