On October 19, 2020, the Department of Justice (DOJ) announced that six Russian GRU officers had been charged in connection with a series of destructive cyber-attacks that affected victims around the globe and caused billions of dollars of damage. The Russian hackers are alleged to be a part of the group known as Sandworm, which […]
Privacy & Cyber Regulatory Enforcement
State Financial Regulators Issue Ransomware Mitigation Tool
On October 13, 2020, state financial regulators in partnership with the Bankers Electronic Crimes Taskforce and the U.S. Secret Service, released the Ransomware Self-Assessment Tool (R-SAT) to help financial institutions mitigate the risks of ransomware. The R-SAT is a detailed questionnaire designed to evaluate the effectiveness of an institution’s general security controls as well as […]
California Department of Justice Releases Post-Finalization Modifications to CCPA Regulations
On October 12, 2020, the California Department of Justice (“Department”) released its first set of proposed post-finalization modifications to the California Consumer Privacy Act Regulations (the “CCPA Regulations”). As many businesses know, the CCPA Regulations were finalized on August 14, 2020. The Department styled these new modifications as a “Third Set of Proposed Modifications” to […]
New Privacy Browser Extension Released under CCPA Global Do Not Sell Rules
On October 7, 2020, an organization named Global Privacy Control (“GPC”) issued a press release announcing an initiative to make a new “global privacy control” available to consumers as contemplated by the CCPA Regulations. As analyzed in prior advisories, the CCPA Regulations appear to revive the possibility for Do Not Track technology, albeit in the […]
FinCEN Alerts Financial Institutions on Role in Facilitating Ransomware Attacks
With an increase in the frequency, sophistication, and cost of ransomware attacks, the Financial Crimes Enforcement Network (FinCEN) issued an advisory on October 1, 2020 alerting financial institutions to ransomware trends and typologies, and related financial red flags, that may result in a regulatory obligation to report and share information related to ransomware attacks. Based […]