The $1 million fine that was recently levied against Yes Bank shows the increasing risks of failing to provide timely breach notification.  On October 23, 2017, the Reserve Bank of India (“RBI”) announced that it was fining India’s Yes Bank $1 million USD for failing to comply with RBI’s breach
Continue Reading One Million Dollar Breach Notification Fine for Indian Bank Shows Increased Efforts by Regulators to Force Information Sharing Following a Breach

Regulators in almost every U.S. state have the authority to enforce cybersecurity compliance under their state’s laws, but until recently, they have rarely exercised this power, leaving enforcement mostly to federal agencies like the FTC.  With the recent Equifax breach, this appears to be changing.

The Massachusetts Attorney General filed
Continue Reading Will Equifax Lead to Increased State-Level Cybersecurity Enforcement?

CFPB Brings First Ever Data Security Enforcement Action: Review and Analysis (3/9)

On March 2, 2016, the CFPB announced that it had settled an enforcement action with Dwolla, Inc., an online payment platform, for making allegedly deceptive statements regarding its data security practices and the safety of its online payment
Continue Reading CFPB Brings First Ever Data Security Enforcement Action: Review and Analysis