Tag: Cybersecurity

SEC’s Cyber-Rule Enforcement a Prime Worry for Compliance

According to a 2024 Cybersecurity Benchmarking Survey, 45 percent of surveyed compliance personnel from asset management, investment adviser and private market firms have expressed concerns about how the Securities and Exchange Commission (SEC) will enforce its newly developed cybersecurity rules. The ACA Group and National Society of Compliance Professionals released

HHS Reaches First Settlement with Health Care Firm Involved in Ransomware Attack

The U.S. Department of Health and Human Services announced a $100,000 settlement with Doctors’ Management Services for failures to determine the potential risks and vulnerabilities to electronic protected health information after a cyberattack exposed the information of more than 200,000 patients. It is notable in that it is the first

SEC Charges SolarWinds and Its CISO with Fraud, Control Failures

The Securities and Exchange Commission announced charges against Austin, Texas-based software company SolarWinds and its chief information security officer, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleges that, from at least its October 2018 initial public offering through

Health Care Patient Data Breaches Doubled in 2023, Reaching 87M

Health care companies are increasingly falling victim to sophisticated hacking efforts—including ransomware attacks—insider threats, and basic security flaws despite the highly confidential nature of patient data. According to new research by Atlas VPN, a virtual private network provider, 87 million patients in the United States had their personal information improperly

Six Risks from ChatGPT that Compliance Leaders Should Know About

Artificial intelligence applications like ChatGPT are becoming common tools in the workplace to do everything from generating job descriptions to writing and editing reports and managing schedules (see related article, “How Employees Are Using ChatGPT on the Job”). But the apps aren’t perfect. In fact, they can be error-prone

SolarWinds Gets SEC ‘Wells Notice’ over Orion Software Platform Cyberattack

SolarWinds disclosed in a press release accompanying a recent regulatory filing that the Securities and Exchange Commission has issued it a “Wells Notice” concerning an investigation into SolarWinds’ previously disclosed cyberattack on the company’s Orion Software Platform and internal systems. “The Wells Notice states that the SEC staff has made

SEC: Comment Periods Reopened for Several Rulemaking Releases

The Securities and Exchange Commission announced that it has reopened the public comment periods for 11 rulemaking releases and one request for comment due to a technological error resulting in numerous public comments submitted through the agency’s online comment form not being received. The SEC advised that all those who

OFAC Sanctions Tornado Cash For Money Laundering

Tornado Cash has been sanctioned by the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) after the virtual currency mixer was “used to launder more than $7 billion worth of virtual currency since its creation in 2019,” OFAC announced Aug. 8. Among the $7 billion in laundered

NYDFS Fines Robinhood Crypto $30M For BSA/AML Compliance Failures

Robinhood Crypto (RHC) has been ordered to pay a $30 million penalty for “significant deficiencies” in its Bank Secrecy Act/anti-money laundering (BSA/AML) compliance program and for cybersecurity violations, said the New York Department of Financial Services. NYDFS discovered RHC’s compliance deficiencies following a supervisory examination and a subsequent investigation. In

DoJ to Pursue Federal Contractors that Fail to Report Cyber-Attacks

The U.S. Department of Justice announced a new initiative last week to hold federal contractors responsible if they fail to report data breaches. The plan is to charge such contractors with violating the False Claims Act if they neglect to follow federal standards that require the reporting of cyber-attacks. The