First American fined $1M by NYDFS over 2019 cybersecurity breach
By 
Adrianne Appel2023-11-29T19:05:00
A title insurance company agreed to pay a $1 million fine and implement stronger compliance measures for allegedly not securing customers’ personal data, particularly during a 2019 cybersecurity breach.
First American Title Insurance Company, the second largest title insurer in the nation, did not address a known vulnerability on its proprietary storage platform, EaglePro, before the issue was exposed by a cybersecurity journalist months later, according to the New York State Department of Financial Services (NYDFS). The regulator announced the action Tuesday.
Under the NYDFS’s 2017 Cybersecurity Regulation, First American was required to have controls in place to secure its customer data.
THIS IS MEMBERS-ONLY CONTENT
You are not logged in and do not have access to members-only content.
If you are already a registered user or a member, SIGN IN now.
Related articles
-
News BriefVF discloses data breach impacted 35.5M customers
Apparel company VF Corp., the owner of brands including The North Face, Vans, and Timberland, disclosed its estimation approximately 35.5 million customers had their personal data stolen as part of a cybersecurity incident it uncovered in December.
-
News BriefGenesis Global Trading fined $8M by NYDFS over AML, cyber lapses
Virtual currency brokerage firm Genesis Global Trading agreed to pay an $8 million penalty levied by the New York State Department of Financial Services for alleged compliance failures that left it vulnerable to illicit activity and cybersecurity threats.
-
News BriefOneMain Financial fined $4.25M in NYDFS cybersecurity case
Mortgage servicer OneMain Financial Group will pay $4.25 million to settle allegations it left customer information vulnerable to cyberattacks by failing to implement required controls under New York’s cybersecurity law.
More from Regulatory Enforcement
-
News BriefSEC drops Morgan Stanley cash sweep case: Sign of the times?
A decision by the Securities and Exchange Commission to close an investigation into the cash sweep program at Morgan Stanley may affect decision-making at other financial institutions under similar scrutiny.
-
News BriefBuy now, pay later firms catch a break as CFPB backs off enforcement
The U.S. Consumer Financial Protection Bureau (CFPB) signaled a softer regulatory approach last month, easing its investigation of financial firms following the U.S. government’s broader efforts under President Donald Trump to scale back regulatory enforcement on businesses. The agency reaffirmed this pivot as it will ease scrutiny of “Buy Now, ...
-
News BriefUBS to pay $511 million fine over Credit Suisse tax case, exposing compliance gaps
A significant settlement in a U.S. tax fraud case against Credit Suisse contains numerous compliance lessons related to beneficial ownership and due diligence in mergers and acquisitions.