The New York State Department of Financial Services ("NYDFS") filed charges for violations of the NYDFS's Cybersecurity Requirements for Financial Services Companies against a title insurance company that exposed customers' sensitive personal information. According to the charges, the exposed information included bank account numbers and Social Security numbers.

The NYDFS alleged that the title insurance company mishandled the customers' data, and failed to remediate the vulnerability after becoming aware of it. The NYDFS alleged that the customer personal information was available for a period of six months, leading up to a data breach of the insurance company's customer information.

The NYDFS is seeking an order against the title insurance company that imposes a civil monetary penalty and remediation requirements.

Primary Sources

  1. NYDFS Statement of Charges and Notice of Hearing: First American Title Insurance Company
  2. NYDFS Press Release: Department of Financial Services Announces Cybersecurity Charges against a Leading Title Insurance Providers for Exposing Millions of Documents with Consumers' Personal Information

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.