NY Regulator Fines Mortgage Lender $1.5M Over Data Breach

By Jon Hill (March 3, 2021, 8:07 PM EST) -- New York's Department of Financial Services said Wednesday that an independent East Coast mortgage lender has agreed to pay a $1.5 million fine to the agency as part of a cybersecurity settlement tied to a March 2019 data breach involving an email phishing attack.

The settlement resolves the state agency's findings of cybersecurity-related violations by Residential Mortgage Services Inc., which is based in Maine but licensed in more than 20 states, including New York. The case marks the second-ever enforcement action brought under DFS' cybersecurity rules, which took full effect just days before the breach.  

"It is of paramount concern...

Stay ahead of the curve

In the legal profession, information is the key to success. You have to know what’s happening with clients, competitors, practice areas, and industries. Law360 provides the intelligence you need to remain an expert and beat the competition.


  • Access to case data within articles (numbers, filings, courts, nature of suit, and more.)
  • Access to attached documents such as briefs, petitions, complaints, decisions, motions, etc.
  • Create custom alerts for specific article and case topics and so much more!

TRY LAW360 FREE FOR SEVEN DAYS

Hello! I'm Law360's automated support bot.

How can I help you today?

For example, you can type:
  • I forgot my password
  • I took a free trial but didn't get a verification email
  • How do I sign up for a newsletter?
Ask a question!