• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Kim Peretti

NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment

November 18, 2022 By Kim Peretti, Kate Hanniford, Ashley Miller and Lance Taubin

The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022. DFS issued a minor amendment on April 2, 2020, revising the certification of compliance date (from February to April). The Proposed Second Amendment follows DFS’s “pre-proposed” draft […]

Filed Under: Cybersecurity, Data Protection, NYDFS

UK’s National Cyber Security Centre Releases 2022 Annual Review

November 7, 2022 By Kim Peretti and Kristen Bartolotta

The United Kingdom’s National Cyber Security Centre (NCSC) recently released its 2022 Annual Review, which reports on the state of cyber security threats in the country. As the UK’s technical authority for cyber security, the NCSC releases an annual report covering the cyber threats from the prior 12 months as well as analysis of potential […]

Filed Under: China, Cyber Espionage, Cyber Risk, Cybercrime, Cybersecurity, Digital Crimes, International, Russia Tagged With: cybersecurity, ransomware

FTC Takes Action Against Ed Tech Provider for Failure to Secure Student’s Personal Information

November 3, 2022 By Kim Peretti, Kate Hanniford, Alysa Austin and Lance Taubin

On October 31, 2022, the Federal Trade Commission (FTC) announced it has taken action against education technology provider Chegg Inc. (“Chegg”) for its “careless” cybersecurity practices that exposed sensitive personal information of millions of its customers and employees.  This action highlights the FTC’s continued efforts to aggressively protect consumer personal data. The FTC’s complaint alleges […]

Filed Under: Data Breach, FTC

Recent FTC Order Has Implications for Executive Liability and Corporate Data Minimization Practices

October 28, 2022 By Kim Peretti, Alysa Austin and Kristen Bartolotta

On October 24, 2022, the Federal Trade Commission (“FTC”) announced a proposed consent order against both Drizly LLC, an online marketplace for alcohol delivery, and its CEO over the company’s alleged security failures that led to a data breach in 2020, which exposed the personal information of approximately 2.5 million Drizly customers. Drizly and its […]

Filed Under: Cybersecurity, Data Breach, Data Protection, Data Security, Enforcement, FTC Tagged With: cybersecurity, Data Protection, Federal Trade Commission (FTC)

NYDFS Announces Significant Cybersecurity Settlement with EyeMed Vision Care

October 25, 2022 By Kim Peretti, Ashley Miller and Lance Taubin

On October 18, 2022, EyeMed Vision Care LLC (“EyeMed”) entered into a Consent Order with the New York Department of Financial Services (“DFS”) relating to a cybersecurity event from 2020 that exposed consumer nonpublic information (“NPI”) to an unauthorized individual. EyeMed agreed to pay DFS a $4.5 million penalty, in addition to implementing mandatory remediation […]

Filed Under: Cybersecurity, Data Breach, NYDFS

  • « Go to Previous Page
  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to page 5
  • Interim pages omitted …
  • Go to page 11
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • California Privacy Protection Agency Releases Draft Regulations on Risk Assessments
  • Penn State University Hit With False Claims Act Suit for Alleged Cyber Security Deficiencies
  • UK Government Makes a Bridge to The EU-U.S. Data Privacy Framework
  • California Proposes Annual Audits to Assess Sufficiency and Compliance of Company Cybersecurity
  • Oregon Enacts Comprehensive State Privacy Law
Copyright © 2023 · Alston & Bird · All Rights Reserved. Privacy.