Category Archives: jay clayton

SEC settles with First American over massive data leak for nearly $500,000

Posted on by

The Securities and Exchange Commission announced Tuesday that it has settled charges with First American Financial over its 2019 leak of sensitive customer information that exposed more than 800 million document images. Under the terms of the deal, the heavyweight real estate title insurance company will pay a $487,616 fine. The SEC had charged the company with inadequately disclosing the cybersecurity vulnerability that exposed the information. The digitized records included things like Social Security numbers and bank account statements. First American first made public statements about the vulnerability in May 2019 but the company’s information security personnel had first spotted it in January, and according to the SEC they didn’t fix it and failed to notify company brass. “As a result of First American’s deficient disclosure controls, senior management was completely unaware of this vulnerability and the company’s failure to remediate it,” said Kristina Littman, chief of the SEC Enforcement […]

The post SEC settles with First American over massive data leak for nearly $500,000 appeared first on CyberScoop.

Continue reading SEC settles with First American over massive data leak for nearly $500,000

SEC admits 2016 breach exposed personally identifiable information

Posted on by

The Securities and Exchange Commission announced Monday that the personal information of two people had been compromised in a database breach announced last month. The announcement reverses Chairman Jay Clayton’s previous statements about whether the breach exposed anyone’s personal information. “The ongoing staff investigation of the 2016 intrusion has now determined that an EDGAR test filing accessed by third parties as a result of that intrusion contained the names, dates of birth and social security numbers of two individuals,” an SEC press release published Monday notes. The SEC said that its ongoing investigation uncovered this new information after Clayton initially disclosed the breach in a Sept. 20 statement. The agency is offering the two unidentified individuals “identity theft protection and monitoring services,” according to the aforementioned press release. The commission has two separate, ongoing investigations into how the breach occurred and whether it resulted in illicit trading. The SEC said it is also […]

The post SEC admits 2016 breach exposed personally identifiable information appeared first on Cyberscoop.

Continue reading SEC admits 2016 breach exposed personally identifiable information

Amid data breach crisis, SEC head tells Congress he doesn’t know much

Posted on by

Securities and Exchange Commission chairman Jay Clayton told a panel of Senators on Tuesday that an investigation into his agency’s recently revealed data breach is ongoing and that he is looking to hire additional staff to help protect the agency’s network and data. Sitting before the Senate Banking, Housing and Urban Affairs Committee, Clayton fielded questions about the SEC breach as well as the Equifax breach, which occurred last month. In a lengthy written statement released last week, Clayton said that the SEC detected a breach into its EDGAR system in 2016. The database houses corporate disclosures that are not always immediately available to the public, meaning it could be used for insider trading. Clayton told the committee that the breach was made possible by a defect in a custom piece of software used by the independent regulator. While an exact timeline of the breach is unclear, a fix was pushed […]

The post Amid data breach crisis, SEC head tells Congress he doesn’t know much appeared first on Cyberscoop.

Continue reading Amid data breach crisis, SEC head tells Congress he doesn’t know much