Canon U.S.A. Inc. (Canon) was hit with a class action lawsuit in the U.S. District Court for the Eastern District of New York this week for the ransomware attack that exposed current and former employees’ personal information in November 2020. The plaintiffs reside in Ohio, New York, Florida and Illinois, and allege that Canon was
CafePress to Pay $2 Million in Multi-State Data Breach Settlement
On December 18, seven states have entered into a settlement agreement with e-retailer Cafe-Press for $2 million stemming from a 2019 data breach that exposed information of approximately 22 million consumers. The breach affected consumers’ personal information, including usernames and passwords, Social Security numbers, and/or Taxpayer Identification numbers.
Of the $2 million, $750,000 will be…
Walmart’s COVID-19 Testing by Drone Pilot Program
If you live within a one and a half-mile radius of the east side of the Walmart store in El Paso, Texas in a single-family home, within a one-mile radius of the North Las Vegas Walmart store in a single-family home, or within a one-mile radius of the Cheektowaga, New York Walmart store, then you…
Privacy Tip #221 – How Do We Personally Prepare for a Cyber-Attack on Critical Infrastructure?
Pretty much the only time I don’t feel like I am Chicken Little predicting a massive cyber-attack is when I am with my colleagues at the FBI, Secret Service, NSA and my students in the Brown Executive Masters of Cybersecurity who are members of the military. They don’t respond to my thoughts and fears of…
New York DFS Issues Risk Alert Concerning Possible Iran Cyber-Attacks
In view of Iran’s vows to retaliate against the United States for the death of Quassem Soleimani, the NYDFS has issued an industry letter to all regulated entities regarding the need for heightened cybersecurity precautions.
The letter notes that it “is particularly concerning that Iran has a history of launching cyber-attacks against the U.S. and…
Introducing the New York SHIELD Act
The New York “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act), N.Y. Gen Bus. Law§ 899-bb, requires businesses that collect private information on New York residents to implement reasonable cybersecurity safeguards to protect that information. While this is a new law in the State of New York, it is simply joining other states,…
New Hampshire Enacts Insurance Data Security Law
New Hampshire Governor Chris Sununu recently signed the New Hampshire Insurance Data Security Law, which “establishes the exclusive state standards applicable to licensees for data security, the investigation of a cybersecurity event…, and notification to the commissioner.” The law is applicable to all persons or entities licensed, authorized to operate, registered or required to be…
$7.75 Million Grant Awarded to Drone Companies for Drone Traffic Management
Two New York drone companies, AX Enterprize and Thales USA, were awarded a $7.75 million grant from the U.S. Air Force Research Lab to develop state-of-the-art air traffic management (ATM) systems to would allow civilian and military drones to safely coexist alongside manned aircraft in the national airspace. The project and research will be conducted…
New York Governor Signs Bill Expanding Data Breach Notification Law
New York Governor Andrew M. Cuomo signed a bill into law last week that expands New York’s data breach notification law. The Stop Hacks and Improve Electronic Data Security (SHIELD) Act brings the New York data breach notification law on par with other state data breach notification laws that have been amended in the last…
Model Rule for Securities Administrators Approved by NASAA
The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers.
The proposed model would require state-registered investment advisers to establish written cybersecurity policies and procedures designed to safeguard clients’ records and information, and to deliver its privacy policy…