New York’s first-in-the-nation cyber-security regulation, which took effect in March 2017, is designed to address cyber-security threats and strengthen cyber-security and data protection processes by requiring clearly defined compliance standards, cyber-security controls, and the timely reporting of cyber-security events. The first charges filed under the regulation came in July 2020.

The details: RMS collected private data during its day-to-day operations, closing thousands of mortgage loans annually, according to NYDFS. A July 2020 examination uncovered evidence RMS experienced a cyber-security breach in 2019 but did not report it to NYDFS, as it was required to do.

“The breach involved unauthorized access to the email account of an RMS employee with access to a significant amount of sensitive personal data of mortgage loan applicants,” NYDFS said. “Until

Read More At:  Article Source