Last week, the New York Department of Financial Services (“DFS”) issued guidance to entities it regulates about maintaining cybersecurity awareness during the COVID-19 pandemic. Businesses have likely already seen the numerous news alerts regarding the increased risk of cyberthreats as bad actors take advantage of the upheaval caused by the current health crisis. At the end of March, the FBI reported that its Internet Crime Complaint Center had already received over 1200 complaints of COVID-19-related scams.

Entities and individuals subject to the cybersecurity regulations from the New York State Department of Financial Services (“DFS”) will see a change to this year’s filing deadlines.

Large business data breaches - like the one affecting 100 million Capital One credit card customers and applicants - remain commonplace, so much so that they are becoming accepted as the new normal in today’s climate of consumer dealings. They shouldn’t be.

On October 3, 2012, Nationwide Mutual Insurance Company and its wholly-owned subsidiary Allied Property & Casualty Insurance Company experienced a data breach when a hacker exploited a vulnerability on the companies’ web application hosting software. This hack resulted in the compromise of the personal information of 1.27 million consumers, including social security numbers, driver’s license numbers, credit scoring information, and other data used to provide insurance quotes.

Last Thursday, Governor Martinez of New Mexico signed into law the 48^th state-level data breach notification law, bringing the requirements for notifying individuals affected by data breaches to this state.