The New York State Department of Financial Services announced a USD1 million cybersecurity settlement with First American Title Insurance Company for violating cybersecurity regulation 23 NYCRR Part 500. The DFS claimed First American did not "maintain and implement effective governance and classification, access controls and identity management, and risk assessment policies and procedures" leading to a large-scale data breach in 2019.
New York's DFS announces $1M cybersecurity settlement
Related stories
How proposed AI enforcement moratorium cuts into US state-level powers
Notes from the IAPP Canada: Building momentum to address youth privacy issues
Navigate 2025: Potential EU AI Act pause opens new questions on approach to global regulation
Notes from the Asia-Pacific region: Chinese regulators strengthen AI, data protection governance
Notes from the IAPP Europe: Data protection and AI in focus
