Author: Peter Baldwin

Peter Baldwin draws on his experience as a former federal prosecutor to counsel clients facing government investigations and cybersecurity issues. View Peter's full bio on the Faegre Drinker website.

New York Department of Financial Services and National Securities Corporation Agree to $3 Million Settlement in Cybersecurity Enforcement Action

Share

Earlier this month, the New York State Department of Financial Services (NYDFS) announced a settlement and consent order with National Securities Corporation (National Securities) for $3 million in connection with National Securities’ violations of NYDFS’s Cybersecurity Regulation, 23 NYCRR Part 500 (Part 500).

National Securities sells life insurance, accident and health insurance, and variable life/variable annuities insurance. As part of its day-to-day operations, National Securities collects personal data from its customers.

Continue reading “New York Department of Financial Services and National Securities Corporation Agree to $3 Million Settlement in Cybersecurity Enforcement Action”

New York Department of Financial Services Announces $1.5 Million Settlement of Second Cybersecurity Enforcement Action

Share

On March 3, 2021, the New York State Department of Financial Services (NYDFS) announced a settlement with Residential Mortgage Services, Inc. (RMS) for $1.5 million in connection with its violation of the NYDFS Cybersecurity Regulation, 23 NYCRR Part 500 (Part 500). This is the second publicly-announced settlement of an enforcement action brought under NYDFS’s novel cybersecurity regulation (we wrote about the first action).

According to the consent order, in March 2020, NYDFS’ Mortgage Banking Division commenced a routine examination of RMS, which included a review of its compliance with Part 500. RMS is headquartered in Maine, but it is registered as mortgage banker in New York and other states. During the examination, NYDFS determined that RMS failed to report a March 2019 data breach incident, as required by Part 500.

Continue reading “New York Department of Financial Services Announces $1.5 Million Settlement of Second Cybersecurity Enforcement Action”

The Eleventh Circuit Finds that Potential Future Misuse of Personal Information Does Not Confer Article III Standing in Data Breach Suits

Share

On February 4, 2021, the Eleventh Circuit Court of Appeals issued a critical opinion addressing Article III standing in private data breach actions, which has been the subject of a closely watched circuit split.

The case, Tsao v Captiva MVP Restaurant Partners LLC, originated in the District Court for the Middle District of Florida where the plaintiff filed a class action complaint against the restaurant chain PDQ in connection with a May 2017 data breach. Following the breach, PDQ posted a notice to customers regarding the breach, explaining that customers’ names, credit card numbers, card expiration dates and CVVs may have been exposed.

Continue reading “The Eleventh Circuit Finds that Potential Future Misuse of Personal Information Does Not Confer Article III Standing in Data Breach Suits”

IT Security Trends in the Era of COVID: Our Top Five Tips for Making Your Network Safer in 2021

Share

As the COVID era drags on, it is clear that work life “post-COVID” may be very different from life “pre-COVID.” This is especially true as it relates to IT security. More and more employees have shifted to a telecommuting work model, and for many businesses that may be the case for an indefinite period of time. This raises important questions as to which security improvements or other changes IT departments need to make in 2021 to keep their businesses and client data safer from cyberattacks.

Continue reading “IT Security Trends in the Era of COVID: Our Top Five Tips for Making Your Network Safer in 2021”

Cyber Attackers Threaten COVID-19 Vaccine Distribution Chain

Share

As COVID-19 vaccine approvals and eventual distribution kicks into high gear, there has been a corresponding – and not particularly surprising – increase in cyber threat activity targeting both vaccine producers and other companies involved in the vaccine distribution chain. Most notably, “cold chain” companies responsible for safely storing and transporting the vaccines have been targeted. The problem has become so severe that both the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint security alert on December 3, 2020 highlighting the risk to the coronavirus vaccine distribution chain.

Continue reading “Cyber Attackers Threaten COVID-19 Vaccine Distribution Chain”

Faegre Drinker on Law and Technology Podcast: Exploring the New York SHIELD Act

Share

The New York Stop Hacks and Improve Electronic Data Security (SHIELD) Act updated and expanded the state’s data breach notification requirements and introduced new and broad privacy and cybersecurity requirements that exceed those imposed by most other states around the country. In the latest episode of the Faegre Drinker on Law and Technology Podcast, Jason G. Weiss sits down with Peter Baldwin for insight into a number of questions regarding this sweeping new law.

Continue reading “Faegre Drinker on Law and Technology Podcast: Exploring the New York SHIELD Act”

©2025 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy