CONTRIBUTOR

Most Read: Contributor United States, September 2023

ARTICLE

United States: NYDFS's $4.5 Million EyeMed Cyber Settlement Reminder To Industry

03 November 2022

by Elfin L. Noce

Sheppard Mullin Richter & Hampton

Your LinkedIn Connections
with the authors

To print this article, all you need is to be registered or login on Mondaq.com.

In a recent settlement with the New York Department of Financial Services, EyeMed Vision Care LLC agreed to pay a $4.5 million penalty and undertake remedial measures to increase its cybersecurity. This includes undertaking an action plan based on a comprehensive risk assessment, subject to the review and approval of NYFSD.

The case stemmed from an October 2020 incident. At that time, a threat actor gained access to an EyeMed email account used by nine employees through a likely phishing attack. The threat actor was then able to view consumer nonpublic information in the email account. NYDFS alleged that EyeMed did not conduct required risk assessments, failed to implement multifactor authentication, and did not have appropriate access controls in place.

The settlement focused on EyeMed's security practices and its failure to conduct required cybersecurity risk assessments as required by the NYDFS Cybersecurity Regulation.

Putting it Into Practice: This is a reminder for covered entities that the NYDFS Cybersecurity Regulations require companies to conduct periodic risk assessments of information systems and nonpublic information stored on company networks.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

AUTHOR(S)

Elfin L. Noce

Sheppard Mullin Richter & Hampton

ARTICLE TAGS

United States Finance and Banking Financial Services Technology Security

POPULAR ARTICLES ON: Technology from United States

RELATED CONTENT

FREE News Alerts

Sign Up for our free News Alerts - All the latest articles on your chosen topics condensed into a free bi-weekly email.

Article Tags

United States New York Finance and Banking Financial Services Technology

More Tags

Related Articles

The State Of AI In 2024 In 15 Graphs Foley & Lardner

Noted With Interest: Newly-Issued DFS Guidance On Banks Quinn Emanuel Urquhart & Sullivan

New CISA Cybersecurity Incident Reporting Requirements Proposed For Critical Infrastructure Companies Akin Gump Strauss Hauer & Feld LLP

Leveraging Artificial Intelligence - Part I: AI Vendor Contracts (Video) Carter Ledyard & Milburn

AI Regulatory And Legal Issues Today: A Conversation With Natasha Allen Foley & Lardner

Mondaq Webinars

MAY14

Asset Recovery and Judgment Enforcement: A Focus on 2024 Trends in the US and UK

JUN05

Killing the Paper Tiger – HR Toolbox for Running your German Operation Smoothly

Comparative Guides

Anti-Corruption & Bribery

Artificial Intelligence

Aviation Finance

Aviation Regulation

Banking Regulation

Mondaq Advice Centres

United States

Advertising and Marketing

United States

Telemarketing

United States

COVID-19

Global

Trademarks in SAARC Countries

United States

International Trade Law & Customs

Curated Content

Revolutionizing Resolution: The Transformative Impact Of AI On ADR
JAMS

Evolving Legal Norms For Artificial Intelligence In The European Union And The United States
Braumiller Law Group, PLLC

The Use Of AI In ADR: Balancing Potential And Pitfalls
JAMS

Assessing The Benefits And Challenges Of Tokenizing Real World Assets
Braumiller Law Group, PLLC

Knowing What's Ahead: Dispute Resolution Planning For Startups In The New Age Of Generative AI
JAMS

Upcoming Events

MAY02

Is AI Our Genie In A Bottle?

Panel Washington, DC United States

MAY14

Buchanan Life Sciences Summit New Jersey

Buchanan Ingersoll & Rooney PC

Summit New Jersey United States

More filters

Mondaq Social Media

© Mondaq® Ltd 1994 - 2024. All Rights Reserved.

Please to Mondaq or for unlimited free access and a complimentary news alert

|

|

|

|