Subscribe

Join Us On LinkedIn

Readers of this blog know that two important current litigation trends involve the filing of claims relating to cybersecurity incidents and the filing of COVID-19-related claims. A new securities class action lawsuit filed this week touched on both of these securities suit filing trends. Secure technology company Telos Corporation was hit with a securities suit […]
Securities and Exchange Commission Chairman Gary Gensler said Monday that he wants advisors and broker-dealers to improve their “cyber hygiene” as well as their data privacy disclosures. Investment companies, investment advisors and broker-dealers, which are not covered by the SEC’s Regulation Systems Compliance and Integrity, or Reg SCI, must “comply with various rules that may […]
The SEC Enforcement Division’s Cyber Unit “will continue to dig deeper into the area of cybersecurity-related disclosures and disclosure controls and internal controls,” Ablaev, a member of the Cyber Unit, said Thursday at Securities Enforcement Forum 2021. “You’ll be seeing more of the actions that we’ve been bringing fairly recently.” When sanctioning companies for failures […]
In an interesting development, the U.S. District Court Judge overseeing the cybersecurity-related securities class action lawsuit pending against title insurance company First American Financial Corp. has granted the defendants’ motion to dismiss. The dismissal in the case is interesting because the company had in June 2021 agreed with the SEC to enter a cease-and-desist order […]
The SEC just fired its second summer cybersecurity enforcement salvo in the span of two weeks, turning its enforcement torrent from cyber-related disclosure failures at public companies, to cybersecurity failures at SEC-registered financial firms. In its first salvo, fired on August 16, 2021, the SEC went ballistic. Without alleging fraud, without charging any individuals and, in […]
The Securities and Exchange Commission today sanctioned eight firms in three actions for failures in their cybersecurity policies and procedures that resulted in email account takeovers exposing the personal information of thousands of customers and clients at each firm. The eight firms, which have agreed to settle the charges, are: Cetera Advisor Networks LLC, Cetera […]
The SEC has just stepped up its enforcement efforts for cyber-related disclosure failures by public companies — bigtime. To date, given the dearth of SEC enforcement actions charging cyber-related disclosure failures, commentators typically cite the SEC enforcement action against Altaba, formerly known as Yahoo!, as the most pertinent precedent and guide for heedful corporate disclosure counsel. But with […]
The Securities and Exchange Commission today announced that Pearson plc, a London-based public company that provides educational publishing and other services to schools and universities, agreed to pay $1 million to settle charges that it misled investors about a 2018 cyber intrusion involving the theft of millions of student records, including dates of births and […]
On June 14, the Securities and Exchange Commission (SEC) announced a $490,000 settlement with the real estate services provider First American Financial Corporation (First American) for violations of disclosure controls and procedures related to cybersecurity vulnerabilities. Notably, the SEC’s case against First American did not specifically focus on a cyberattack or allege an underlying securities […]
According to the SEC’s order, on the morning of May 24, 2019, a cybersecurity journalist notified First American of a vulnerability with its application for sharing document images that exposed over 800 million images dating back to 2003, including images containing sensitive personal data such as social security numbers and financial information. In response, according […]