Posts by Matthew TolderoPartnerHe brings over ten years of combined incident response and risk management experience to his role on our Rapid Response Team. During the seven years prior to joining the Constangy Cyber Team, Matt worked at a boutique incident ...
When cyberattacks strike global giants, it’s front-page news. But what about the smaller breaches -- the ones that don’t make headlines? Increasingly, they’re making waves in courtrooms and regulatory enforcement agencies. Continue Reading ›
After a long weekend, Finance Manager Joe sits at his desk to read his emails. One of the emails is from a trusted vendor with whom the Joe communicates on a regular basis, regarding an unpaid invoice that is due immediately. The vendor tells Joe that he was having “issues” with his bank and recently changed accounts. The vendor provides instructions for Joe to wire funds. As this is a known partner with whom the company has a good relationship, Joe wires the amount due. Two weeks later, the vendor contacts Joe to let him know that the invoice has not been paid. In a panic, Joe reads the emails he received and observes that one letter in the vendor’s original email address is different from the vendor’s legitimate email address. Joe calls the bank in a panic but is advised that the money has been withdrawn and that his company’s account has a balance of $0.00. Continue Reading ›
Consumers have been trading their DNA for a personal genetic history lesson with 23andMe since 2007. Continue Reading ›
With the number of data breaches increasing each year, it’s becoming more important to know what personal data you have and where you have it. On personal or even work devices, you may be surprised at how much of your data is just waiting to be taken advantage of by a bad actor. Continue Reading ›
Just in time for setting a new year’s resolution, the New York Senate passed health privacy bill S-929. This bill was first introduced during the 2024 legislative session but failed to pass. Now in the early weeks of 2025, S-929 has passed without any changes since 2024. The bill will now move to the Assembly Codes and Science & Technology Committees for further consideration. Continue Reading ›
You've been hit by a ransomware attack, and a cybercriminal group is demanding a cryptocurrency payment in exchange for your data's safe return. Should you pay? Continue Reading ›
Financial institutions are now required to notify the Federal Trade Commission about any security breach that involves the information of 500 customers or more. The breach must be reported no later than 30 days after it is discovered. Continue Reading ›
The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation.
