-
5 days ago | 
jdsupra.com | Alysa Austin |Jennifer Everett |Katherine Doty Hanniford
Artificial intelligence (AI) systems are vulnerable to more than just threat actors. Our Privacy, Cyber & Data Strategy Group examines joint guidance issued by U.S. and international cybersecurity agencies that provides best practices for protecting AI system data from various security threats.
-
Jan 28, 2025 | 
jdsupra.com | Alysa Austin |Daniel Felz |Katherine Doty Hanniford
In the final week of the Biden Administration’s term in office, former President Biden issued two high profile executive orders that could have significant ramifications for the cybersecurity and technology industries. The first, issued on January 14, 2025, is an “Executive Order on Advancing United States Leadership in Artificial Intelligence Infrastructure” (the “AI Infrastructure Order”).
-
Jan 7, 2025 | 
jdsupra.com | Alysa Austin |Kimberly Peretti
In late December 2024, the New York Governor signed two bills (S2659B and S2376B) amending the state’s data breach notification law (N.Y. Gen. Bus. Law § 899-aa), to expand the definition of reportable personal information and impose new covered entity reporting obligations in the event of a data breach.
-
Sep 20, 2024 | 
jdsupra.com | Alysa Austin |Kimberly Peretti
Ransomware attacks are hitting record highs in 2024 and show no sign of slowing down as new criminal groups enter the scene and employ a variety of evolving tactics. This post identifies key highlights of ransomware activity in 2024 so far. Multiple recent security reports have reported a significant increase in ransomware attacks claimed by criminal groups in Q2 2024, making it the second-highest quarter on record for claimed attacks.
-
Aug 16, 2024 | 
jdsupra.com | Alysa Austin |Kristen Bartolotta |Kathleen Benway
The revamped Health Breach Notification Rule by the Federal Trade Commission (FTC) took effect on July 29, 2024, expanding consumer privacy protections to the users of online health platforms and health and wellness apps. Our Consumer Protection/FTC Team digs into the rule’s impact on the digital health sector.
-
Jul 29, 2024 | 
jdsupra.com | Alysa Austin |Kellen S. Dwyer |Kimberly Peretti
On July 18, 2024, a federal jury in Delaware found that an online travel booking company violated the Computer Fraud and Abuse Act (CFAA) by accessing portions of a European airline’s website without permission and “with intent to defraud” the airline. In particular, the jury unanimously found that the online travel company violated the CFAA by using a third-party service provider to scrape the airline’s website to find and resell airline tickets to its own customers at an additional charge.
-
Jul 1, 2024 | 
jdsupra.com | Alysa Austin |Andrew Liebler
In May 2024, the New York State Department of Health (“NYSDOH”) issued revisions to proposed regulations on hospital cybersecurity that it first released in November 2023. The proposed revised regulations are subject to public comment ending on July 1, 2024, and would apply to general hospitals licensed under Article 28 of the NYS Public Health Law. NYSDOH proposed the initial regulations in the aftermath of several high-profile cybersecurity breaches affecting hospitals and health systems.
-
Feb 26, 2024 | 
jdsupra.com | Alysa Austin |Katherine Doty Hanniford |Kimberly Peretti
1. 2023 Was a Record Year for PaymentsRansomware incidents and their related extortion attempts will be a known risk for the foreseeable future and show little sign of abating. According to Chainalysis, ransom payments alone exceeded $1 billion in 2023. This amount does not include business impact costs; productivity losses; costs of the forensic investigation; individual, regulator, and contractual notifications; legal fees; and remediation.
-
Jan 30, 2024 | 
jdsupra.com | Alysa Austin |Kimberly Peretti
On January 24, 2024, the U.K.’s National Cyber Security Centre (NCSC) released a new report, The near-term impact of AI on the cyber threat, detailing how Artificial Intelligence (AI) will impact the effectiveness of cyber operations for 2025 and beyond. According to the report, threat actors are already using AI in cyber attacks and the use of malicious AI will “almost certainly” increase the volume and impact of cyber attacks, particularly ransomware, over the next two years.
-
Jan 17, 2024 | 
jdsupra.com | Alysa Austin |Kimberly Peretti |Andrew Rice
On January 5, 2024, the New York Attorney General’s Office (“NY AG”) announced a settlement with Refuah Health Center, Inc. (“Refuah”) based on the company’s alleged failures to appropriately safeguard its patients’ information, including failing to encrypt patient information or use multifactor authentication, which allegedly resulted in a May 2021 ransomware attack that impacted approximately 300,000 patients.
