Don’t Forget to Report a Breach: A Cautionary Tale

June 28, 2024 at 09:18AM ICE faced a $10 million fine from the SEC for delaying reporting a VPN breach, violating compliance requirements. No clear reason for the delay was provided. The case highlights risks of bypassing compliance for quick response, showing cybersecurity’s broad business impact and insurance implications. Boards are urged to ask better … Read more

NYSE parent gets $10M wrist tap for failing to report 2021 systems break-in

May 22, 2024 at 03:38PM The New York Stock Exchange’s parent company, Intercontinental Exchange (ICE), was fined $10 million by the SEC for failing to immediately report a cyber intrusion in 2021. The SEC alleges ICE and its subsidiaries violated Regulation Systems Compliance and Integrity (Regulation SCI) reporting rules. The settlement includes no admission of … Read more

Intercontinental Exchange to pay $10M SEC penalty over VPN breach

May 22, 2024 at 01:23PM The Intercontinental Exchange (ICE) has agreed to pay a $10 million penalty to settle charges by the SEC for failing to promptly report a 2021 VPN security breach. ICE, a Fortune 500 company, owns global financial exchanges and employs over 13,000 people. The breach, caused by suspected state hackers, exposed … Read more