Member Article

DataSecurityLaw.com is the firm’s resource for the latest news, analysis, and thought leadership in the critical area of privacy and cybersecurity law. Patterson Belknap’s Privacy and Data Security practice provides public and private enterprises, their leadership teams and boards with comprehensive services in this critical area. Our team of experienced litigators, corporate advisors and former federal and state prosecutors advises on a broad range of privacy and data protection matters including cyber preparedness and compliance, data breach response, special board and committee representation, internal investigations, and litigation.

Government Warns of New Cyber Threats Targeting U.S. Businesses
by Alejandro H. Cruz and W. Scott Kim on September 21, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) teamed up with the Federal Bureau of Investigation (FBI) to issue a joint warning of cyber-attacks emanating from Iran and targeting U.S. federal agencies and businesses. These hackers target vulnerabilities in virtual private networks (VPNs), which organizations use to allow remote network access. Once the hackers gain access through a VPN, they export data, sell access to the network, and have the ability to install ransomware. This is just the latest example of criminals exploiting vulnerabilities associated with the current remote working environment.

Ransomware Attacks During COVID-19
by Andrew M. Willinger and Michael F. Buchanan on September 3, 2020

As we previously described and as reflected in the rapidly increasing number of cyber-attacks since its start, the COVID-19 pandemic has triggered a shift in working practices that hackers and other bad actors are using to their advantage.  Recent studies show a 273% percent rise in large-scale data breaches in the first quarter of 2020, compared to prior-year statistics, and a 109% year-over-year increase in ransomware attacks in the United States through the first half of 2020.  This post will focus specifically on ransomware attacks targeting researchers working on a COVID-19 vaccine and how these attacks have evolved since the start of the pandemic.

Capital One to Pay $80 Million Fine for 2019 Data Security Hack
by Sara A. Arrow and Alejandro H. Cruz on August 14, 2020

As we previously reported, Capital One Financial Corporation announced in July 2019 a major data security breach when an individual gained unauthorized access to personal information about Capital One credit card customers.  According to the Office of the Comptroller of the Currency (“OCC”), which regulates large U.S. banks, Capital One has now agreed to pay an $80 million fine to resolve claims related to the incident.

New York DFS Announces First Cybersecurity Enforcement Action
by Kade N. Olsen, Peter A. Nelson and Michael F. Buchanan on August 5, 2020

The New York Department of Financial Services (“DFS”) recently initiated its first enforcement action against a company for violating DFS’s first-in-the-nation cybersecurity regulation.  As our readers know, we have written quite a few posts and articles about the regulation.  And as we’ve warned, with the regulation now in full effect, covered companies should expect DFS’s Cybersecurity Division to start cracking down on companies that haven’t complied.