On January 23, 2025, the New York Department of Financial Services announced that it had entered into a Consent Order with a Peer-to-Peer Payment Processor for alleged violations of New York’s Cybersecurity Regulation. This regulation requires all financial and banking entities operating in New York to establish and maintain adequate cybersecurity controls and protections…
On January 23, 2025, the New York Department of Financial Services (DFS) announced that it reached a $2,000,000 settlement as part of a broader consent order with a peer-to-peer payment platform (“P2P”) about its cybersecurity practices. DFS contended that the P2P violated rules on Cybersecurity Policy, Cybersecurity Personnel and Intelligence,…
On January 9, 2025, 51 State Financial Regulatory Agencies (the “Agencies”) announced a coordinated consent order and settlement agreement with nonbank mortgage servicing companies (the “Companies”). This action came following a data breach that impacted 5.8 million customers, allegedly due to deficient cybersecurity practices, and for lack of cooperation with state regulators. The Companies are licensed as…