August 7, 2024 at 06:42PM Progress Software’s handling of a MOVEit Transfer zero-day flaw, leading to data exposure of 95 million people, was investigated by the SEC. However, in a recent filing, the SEC’s Division of Enforcement will not recommend any enforcement action regarding the security incident. Progress Software still faces numerous class-action lawsuits despite … Read more
February 23, 2024 at 01:41PM Companies and CISOs face potential fines from the SEC if cybersecurity and data-breach disclosure processes don’t comply with new rules. The SEC can use various enforcement tools, including injunctions, disgorgement, penalties, and barring individuals from roles. CISOs are concerned about personal liability and executives and companies may face reputational damage … Read more
January 12, 2024 at 05:43PM Senators Wyden and Lummis have criticized the SEC for its failure to implement basic multifactor authentication (MFA) protections following the compromise of the X Twitter account. They have urged the Inspector General to investigate this cybersecurity lapse, emphasizing the potential impact on market stability and trust. The SEC’s failure to … Read more
October 15, 2023 at 11:00PM The US Securities and Exchange Commission (SEC) is investigating Progress Software’s MOVEit file transfer software following a data breach. Progress admitted to receiving a subpoena from the SEC and stated that it is facing multiple class-action lawsuits and other litigation over the breach. Progress also disclosed that it has received … Read more