Legal News, Cyberattack, News
December 17, 2024
620 views 3 mins 0

SEC Charges Flagstar for Misleading Investors About Cyber Breach

ADMINISTRATIVE PROCEEDINGFile No. 3-22360 December 16, 2024 – The Securities and Exchange Commission today filed settled charges against Flagstar Bancorp, Inc. (now known as “Flagstar Financial, Inc.”), for making materially misleading statements regarding a cybersecurity attack on Flagstar’s network in late 2021 (the “Citrix Breach”). The SEC’s order finds that Flagstar negligently made materially misleading statements […]

Legal News, Data Breach News
January 28, 2024
613 views 6 secs 0

SolarWinds Seeks Dismissal of ‘Unfounded’ SEC Cybersecurity Suit

Bloomberg Law reports on a case that probably has a lot of CISOs somewhat nervous: SolarWinds Corp. issued a full-throated denial of wrongdoing in how it handled one of the worst cyberattacks in history in a Friday court filing seeking the dismissal of US Securities and Exchange Commission allegations that its software security representations defrauded […]

Legal News
December 16, 2023
677 views 16 secs 0

US SEC says no to new crypto rules; Coinbase asks court to review

Reuters reports: The U.S. Securities and Exchange Commission on Friday denied a petition by Coinbase Global (COIN.O) seeking new rules from the agency for the digital asset sector, which the country’s largest crypto exchange then sought to challenge in court. The five-member commission, in a 3-2 vote, said it would not propose new rules because it fundamentally […]

Legal News
December 14, 2023
667 views 48 secs 0

Feds brace for implementation of SEC cyber disclosure rules

The Record reports: The U.S. government is readying to implement contentious new disclosure rules for digital attacks that could both create headaches for the private sector and law enforcement and shed invaluable light on the state of ransomware and online threats. On December 18, a rule passed earlier this year by the Securities and Exchange […]

Legal News, News
December 08, 2023
638 views 2 secs 0

FBI explains how companies can delay SEC cyber incident disclosures

The Record reports: The FBI has published guidance on how companies can request a delay in disclosing cyber incidents to the Securities and Exchange Commission (SEC). The document is a followup to new rules that the SEC approved in June requiring companies to quickly disclose “material” cybersecurity incidents and share the details of their cybersecurity risk management, […]

Legal News, Malware Ransomware, News
November 16, 2023
543 views 3 mins 0

A ransomware gang files an SEC complaint against its victim for not reporting the breach to the SEC within 4 days

“They did WHAT??” Ransomware gangs will often test ways to pressure victims to pay. But today, threat actors associated with the AlphV (BlackCat) group tested a new approach that is raising eyebrows in the cybersecurity community. When a victim, MeridianLink, didn’t pay them quickly and didn’t even start to negotiate any payment with them, AlphV […]

Legal News
September 10, 2023
750 views 4 secs 0

New SEC Cybersecurity Disclosure Requirements Give Public Companies Only Four Days to Disclose Material Cybersecurity Incidents

This summer, the Securities and Exchange Commission (SEC) adopted rules to enhance and standardize disclosures by public companies regarding cybersecurity risk management, strategy, governance, and incidents.   The rules will impose a number of new requirements, including disclosures regarding: Read more of this article at Workplace Privacy, Data Management & Security Report.

Legal News
August 29, 2023
659 views 24 secs 0

SEC Cybersecurity Rule Leans on Materiality and Reasonableness

The US Securities and Exchange Commission released its final rule, effective Sept. 5, 2023, on cybersecurity risk management, strategy, governance, and incident disclosure. Investors, registrants, and other market participants should take special notice of two key terms in the regulations: “materiality” and the “reasonable investor.” Read more at Bloomberg Law.