Blog Posts Tagged With Incident Response

Subscribe to Incident Response RSS Feed

One Million Dollar Breach Notification Fine for Indian Bank Shows Increased Efforts by Regulators to Force Information Sharing Following a Breach

The $1 million fine that was recently levied against Yes Bank shows the increasing risks of failing to provide timely breach notification.  On October 23, 2017, the Reserve Bank of India (“RBI”) announced that it was fining India’s Yes Bank $1 million USD for failing to comply with RBI’s breach notification requirement, among other violations.  Yes Bank experienced a cyber breach around May 2016, but did not become aware of the incident until September 2016.  … Continue Reading

The HBO Hack: Preparing for a Cyber Breach Extortion

Earlier this month, HBO disclosed that it is the latest victim of cyber breach extortion, which involves criminals hacking into a company’s computer system, extracting sensitive information (e.g., emails of executives) or valuable intellectual property (e.g., unreleased television scripts or episodes), and then threatening to make the information public if a ransom is not paid, usually in Bitcoin.  In the HBO case, the hackers claim that this is their 17th target and that all … Continue Reading

Less than Half of Financial Firms Subject to NY DFS Expect to Meet the Deadline for Compliance

A new report from the Ponemon Institute indicates that less than half of the nearly 600 financial institutions surveyed expect to meet the February 2018 deadline for certification of compliance with all of the cybersecurity rules from NY DFS that are applicable to them. Of those, nearly one-quarter said there was “no chance” they would be able to do so. Notwithstanding these challenges, the DFS has indicated on the FAQ section of its website that … Continue Reading

LexBlog