On Halloween, the New York and Vermont attorneys general obtained a $700,000 settlement from Hilton for, among other violations, late breach notification. Earlier this week, we noted that the Reserve Bank of India (“RBI”) imposed a $1 million USD fine on India’s Yes Bank for violating RBI’s 2 to 6 hour data breach notification requirement. So, as we have been predicting for some time, it seems that regulators are starting to step up enforcement and … Continue Reading
We have issued a memo on recent proposed cybersecurity regulations by the New York State Department of Financial Services that would be more stringent than existing federal requirements for certain financial entities. The memo highlights similarities and differences between the proposed regulations and federal regulations and guidance.