Cybercrime report (Image: Shutterstock).
The New York State Department of Financial Services, one of the preeminent state regulators of financial institutions, recently filed its inaugural cybersecurity enforcement action. This enforcement action provides key lessons for credit unions addressing cybersecurity risks, even for credit unions that are not under the NYDFS's supervision.
The NYDFS alleged that one of the country's largest title insurers, First American Financial, failed to properly address a security vulnerability on its website that exposed millions of documents containing consumers' information. After the insurer uncovered the vulnerability in a penetration test, the insurer misclassified the vulnerability as "low," failed to timely or reasonably investigate it, and failed to heed the recommendations of the insurer's cybersecurity employees. Further details about the security vulnerability at First American are available in the CU Times article, "Title Insurance Company Leaks 885 Million Mortgage Records."
Complete your profile to continue reading and get FREE access to CUTimes.com, part of your ALM digital membership.
Your access to unlimited CUTimes.com content isn’t changing.
Once you are an ALM digital member, you’ll receive:
- Breaking credit union news and analysis, on-site and via our newsletters and custom alerts
- Weekly Shared Accounts podcast featuring exclusive interviews with industry leaders
- Educational webcasts, white papers, and ebooks from industry thought leaders
- Critical coverage of the commercial real estate and financial advisory markets on our other ALM sites, GlobeSt.com and ThinkAdvisor.com
Already have an account? Sign In Now
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
