Cyber Risk

FTC Revises the Safeguards Rule and Proposes Mandatory Reporting of Cybersecurity Events

November 1, 2021 By Kathleen Benway, Kim Peretti and Kate Hanniford

On October 27, 2021, the FTC released its much-anticipated final revisions to the Gramm-Leach-Bliley Safeguards Rule (Safeguards Rule or Final Rule), following a 3-2 vote along party lines and also released a notice of proposed rulemaking that would require reporting to the FTC of certain cybersecurity events. Revisions to the Safeguards Rule Effective since 2003, […]

Treasury FinCEN Releases Financial Trend Analysis of Ransomware Trends in 2021

October 19, 2021 By Kim Peretti and Brian Frey

By Kim Peretti, Brian Frey, and Kristen Bartolotta On October 15, 2021 the Financial Crimes Enforcement Network (FinCen) of the Treasury Department issued a financial trend analysis on ransomware relating to Bank Secrecy Act (BSA) reporting filed in the first half of this year. FinCEN examined ransomware-related Suspicious Activity Reports (SARs) filed between January 1 […]

Department of Justice Announces New Civil Fraud Cybersecurity Enforcement Team

October 7, 2021 By Kellen Dwyer, Kim Peretti and Jon Knight

On October 6, 2021, Deputy Attorney General Lisa O. Monaco announced the launch of the Department of Justice’s Civil Cyber-Fraud Initiative. The Department plans to use civil enforcement tools to “pursue…those who are government contractors who receive federal funds, when they fail to follow required cybersecurity standards.” Stating the Department will pursue “very hefty fines,” […]

California Federal Court Dismisses Data Security-Related Securities Fraud Class Action

October 1, 2021 By Sierra Shear, Cara Peterman and Madeleine Juszynski

A California federal court has dismissed a putative securities fraud class action alleging that a large title insurer that disclosed a data security incident in May 2019 made false and misleading statements related to its data security practices and the incident. The dismissal follows the June 2021 settlement of a related Securities & Exchange Commission […]

Securities Class Actions Filed Against Three Chinese Tech Titans After Announcement of Cyber-Related Investigations

July 27, 2021 By Sierra Shear and Cara Peterman

In early July, investigations by a Chinese cybersecurity regulatory agency, the Cyberspace Administration of China (“CAC”), into at least three China-based technology companies—DiDi Global Inc. (“DiDi”), Full Truck Alliance Co. Ltd. (“FTA”), and Kanzhun Limited (“Kanzhun”)—were purportedly revealed weeks after each conducted a substantial initial public offering (“IPO”) on a United States stock exchange. These […]