IT Governance

APRIL 9, 2024

Kid Security breached again: children’s live GPS locations exposed on the Internet Last November , the parental control app Kid Security, which allows parents to monitor and control their children’s online safety, was found to have exposed more than 300 million records via misconfigured Elasticsearch and Logstash instances.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

IT Governance

JANUARY 30, 2024

Mobile network database breach exposes 750 million Indians’ personal data The Indian security company CloudSEK claims to have found the personal data of 750 million Indians for sale on an “underground forum”. Data breached: 2 PB. TB Four Hands Source (New) Manufacturing USA Yes 1.5 TB Four Hands Source (New) Manufacturing USA Yes 1.5

Data Privacy 52

Data Privacy Retail Privacy Manufacturing 52

IT Governance

MARCH 5, 2024

Source (New) Engineering Japan Yes >5 TB Array Networks Source (New) Cyber security USA Yes 2.5 TB Turtlemint Source (New) Insurance India Yes 1,800,000 Chunghwa Telecom Source (New) Telecoms Taiwan Yes 1.7

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

MARCH 11, 2024

Source (New) Retail Italy Yes 436,932 Toner-dumping.de Source (New) Retail Germany Yes 334,000 Yakima Valley Radiology, PC Source 1 ; source 2 (New) Healthcare USA Yes 235,249 Consorzio Innovation Source (New) Professional services Italy Yes 225 GB Northeast Orthopaedics & Sports Medicine Source (New) Healthcare USA Yes 177,276 Strike.me

Data Privacy 87

Data Privacy Privacy Security Data breaches 87

IT Governance

FEBRUARY 6, 2024

Source 1 ; source 2 (New) Professional services USA Yes 11,556 Poder Judicial de Santa Cruz Source (New) Legal Argentina Yes 8,732 J.D.

Data Privacy 88

Data Privacy Privacy Insurance Security 88

IT Governance

JANUARY 23, 2024

Publicly disclosed data breaches and cyber attacks: in the spotlight More than 70 million email addresses added to Have I Been Pwned The security researcher Troy Hunt has added more than 70 million email addresses from the Naz.API data set to his Have I Been Pwned data breach notification service. VF Corporation confirms 35.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

The Last Watchdog

JULY 13, 2023

London, July 13, 2023 — Beazley, the leading specialist insurer, today published its latest Risk & Resilience report: Spotlight on: Cyber & Technology Risks 2023. For the insurance industry, working with clients to help them tackle these challenges is vital to ensuring businesses operate in as safe an environment as possible.

Risk 189

Risk Insurance Energy and Utilities Marketing 189

IT Governance

APRIL 22, 2024

Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers. Publicly disclosed data breaches and cyber attacks: in the spotlight Criminal hackers threaten to leak World-Check screening database A criminal group known as GhostR claims to have stolen 5.3

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Hunton Privacy

OCTOBER 14, 2019

Recent headlines underscore the security challenges faced by public-facing businesses. The SAFETY Act, administered by the Department of Homeland Security, is coming of age as an important tool to reduce risk and limit liability. Bruce Cohen, SVP, Client Executive, Lockton Companies. Kevin Jones , Partner, Hunton Andrews Kurth.

Insurance 49

Insurance Security Retail Risk 49

IT Governance

JANUARY 16, 2024

Source (New) Real estate USA Yes 10 GB Unitex Source (New) Manufacturing USA Yes 9.5 GB Rebekah Children’s Services Source (New) Non-profit USA Yes 2,805 Butte School District Source 1 ; source 2 (Update) Education USA Yes 2,658 Dignity Health Nevada St. Source (New) Real estate USA Yes 10 GB Unitex Source (New) Manufacturing USA Yes 9.5

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IT Governance

DECEMBER 19, 2023

An investigation determined that personal data, including names, addresses, phone numbers, Social Security numbers, dates of birth and bank account numbers, belonging to nearly 15 million people was obtained by an unauthorised party between 30 October and 1 November. Data breached: personal data belonging to 14,690,284 individuals.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Schneier on Security

APRIL 12, 2018

Good article about how difficult it is to insure an organization against Internet attacks, and how expensive the insurance is. Companies like retailers, banks, and healthcare providers began seeking out cyberinsurance in the early 2000s, when states first passed data breach notification laws.

Insurance 49

Insurance Cybersecurity Data breaches Retail 49

Security Affairs

MAY 12, 2024

The alert provides Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) obtained from law enforcement investigations and reports from third-party security firms. Most of the victims are in the manufacturing, engineering and construction, and retail sectors. ” reads the CSA. in Germany, and 5.9%

Ransomware 109

Ransomware Blockchain Retail Insurance 109

Adam Levin

APRIL 10, 2019

A security analysis of 30 major banking and financial apps has shown major security holes and a lax approach to protecting user data. Other findings included improperly secured database commands (capable of allowing man-in-the-middle attacks), weak encryption, and the ability to reverse-engineer the app code into a readable format.

Retail 74

Retail Security Insurance Encryption 74

IT Governance

FEBRUARY 27, 2024

The breached data includes names, addresses, emails, phone numbers, dates of birth, and financial account and Social Security numbers. The breached data may include names, Social Security numbers and health insurance information. GB Tiete Automobile Source (New) Retail Brazil Yes 68.5

Data Privacy 52

Data Privacy Manufacturing Privacy Data breaches 52

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. It has since been confirmed by Anukul Peedkaew, the permanent secretary of social development and human security.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

IT Governance

FEBRUARY 21, 2024

Fowler sent a responsible disclosure notice when he discovered the database and it was secured the following day. Welfare Benefits Plan Source 1 ; source 2 New Healthcare USA Yes 13,079 Insurance ACE/Humana Inc. Known records breached Zenlayer Source New Telecoms USA Yes 384,658,212 ASA Electronics Source New Engineering USA Yes 2.7

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Security Affairs

JANUARY 19, 2024

VF immediately began taking measures to remediate the attack and launched an investigation into the security breach. ” reads a Form 8-K filed with the Securities and Exchange Commission (SEC) on January 18, 2024. The incident interrupted retail store inventory replenishment and delayed order fulfillment.

Data breaches 109

Data breaches Passwords Retail Insurance 109

IT Governance

JANUARY 9, 2024

LockBit claims responsibility for Capital Health security incident The LockBit ransomware group has claimed responsibility for an attack on Capital Health , a healthcare provider in Pennington, New Jersey, last November. They accessed 41.5 The compromised data allegedly includes names, email addresses and phone numbers.

Data Privacy 75

Data Privacy Privacy Manufacturing Data breaches 75

Security Affairs

NOVEMBER 23, 2023

American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack. AutoZone is an American retailer and distributor of automotive parts and accessories. The company is one of the largest aftermarket automotive parts and accessories retailers in the United States.

Data breaches 105

Data breaches Retail Education Ransomware 105

Krebs on Security

APRIL 16, 2024

The answer may no longer be a mystery: KrebsOnSecurity found compelling clues suggesting the intrusion was carried out by the same Russian hacking crew that stole of millions of payment card records from big box retailers like Home Depot and Target in the years that followed. “At the time, it was one of the largest breaches in U.S.

Sales 238

Sales Retail Insurance Access 238

Krebs on Security

DECEMBER 18, 2018

Virtually all companies like to say they take their customers’ privacy and security seriously, make it a top priority, blah blah. That’s because very few of the world’s biggest companies list any security executives in their highest ranks. banks) would have this role in their executive leadership team.

Security 227

Security Marketing Cybersecurity Data breaches 227

Security Affairs

JANUARY 19, 2024

This group primarily focused its attacks on the construction, manufacturing/industrial, and retail industries.

Ransomware 116

Ransomware Manufacturing Retail Insurance 116

Krebs on Security

JANUARY 26, 2024

Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. Encoded01), which focused on targeting single computers and end-users instead of corporations.

Ransomware 242

Ransomware Retail Insurance Government 242

Hunton Privacy

NOVEMBER 11, 2016

As reported on the Insurance Recovery blog , earlier this week, retailer Tesco Plc’s (“Tesco”) banking branch reported that £2.5 The loss, which is about half of what Tesco initially estimated, is still substantial and serves as a strong reminder that cyber-related losses are a real threat to retailers and other industries.

Insurance 45

Insurance Retail IT Cybersecurity 45

Krebs on Security

JANUARY 19, 2022

was originally launched in 2010 with the goal of helping e-commerce sites validate the identities of customers who might be eligible for discounts at various retail establishments, such as veterans, teachers, students, nurses and first responders. For more on the benefits of using a Security Key for MFA, see this post. -based ID.me

Access 363

Access Insurance Authentication Government 363

The Last Watchdog

OCTOBER 5, 2023

“It likewise empowers CISOs and security leaders when communicating risk with boardroom members who may not be well-versed in traditional cybersecurity terminology, enabling them to grasp overall business ramifications more tangibly.”

Retail 100

Retail Risk Data breaches Mining 100

IBM Big Data Hub

OCTOBER 30, 2023

One of the largest children clothing retailer in the US utilizes this solution to streamline its complex supply chain. The retailer uses these insights to optimize inventory levels, reduce costs and enhance efficiency. AWS’s scalable infrastructure allows for rapid, large-scale implementation, ensuring agility and data security.

Analytics 80

Analytics Retail Cloud Insurance 80

Krebs on Security

FEBRUARY 7, 2022

It was clear most readers had no idea these new and more invasive requirements were being put in place at the IRS and other federal agencies (the Social Security Administration also is steering new signups to ID.me). says it has approximately 64 million users, with 145,000 new users signing up each day. What happens if ID.me gets breached?

Access 228

Access Authentication Insurance Personal data 228

Security Affairs

JANUARY 17, 2022

This pre-release announcement for Critical Patch Update (CPU) for January 2022 confirms that Oracle security updates will address 483 new security patches. “A Critical Patch Update is a collection of patches for multiple security vulnerabilities. This Critical Patch Update addresses 483 new security patches.

Communications 101

Communications Financial Services Big data Retail 101

Hunton Privacy

NOVEMBER 6, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: As the demand for cyber insurance has skyrocketed, so too has the cost. New payment technologies, however, will change the need for this type of cyber insurance. As these payment technologies become prevalent in the U.S.,

Insurance 40

Insurance Retail Sales Risk 40

IT Governance

APRIL 3, 2019

US food giant Mondelez is suing insurance company Zurich American for denying a $100 million (£76 million) claim filed after the NotPetya attack. In that regard, it was a job well done, with one report estimating that insurers could expect to pay out more than $80 billion (£61 billion) as a result of the attack.

Insurance 53

Insurance Ransomware Government Paper 53

IT Governance

JANUARY 9, 2020

Almost everyone wants to know what the future has in store – particularly when it comes to cyber security. With that in mind, Geraint Williams, IT Governance’s chief information security officer, discusses his cyber security predictions in the upcoming year. Our predictions. Ransomware will continue to increase.

Security 98

Security IoT Phishing Ransomware 98

The Last Watchdog

MARCH 26, 2019

Pick any company in any vertical – financial services, government, defense, manufacturing, insurance, healthcare, retailing, travel and hospitality – and you’ll find employees, partners, third-party suppliers and customers all demanding remote access to an expanding menu of apps — using their smartphones and laptops.

Security 145

Security Digital transformation Financial Services Risk 145

The Last Watchdog

AUGUST 9, 2023

If left unremediated, the exposures would allow attackers and malicious insiders to drain funds from the wallets of millions of retail and institutional customers in seconds, with no knowledge to the user or vendor. New York, N.Y., The issue was promptly addressed and no user funds were affected.

Retail 100

Retail Insurance Libraries Paper 100

Krebs on Security

MARCH 26, 2020

Cybersecurity experts say the raid included the charging of a major carding kingpin thought to be tied to dozens of carding shops and to some of the bigger data breaches targeting western retailers over the past decade. Flint is among the biggest players in the crowded underground market for stolen credit card data, according to a U.S.

Retail 288

Retail Insurance Cybersecurity Data breaches 288

Security Affairs

AUGUST 25, 2021

The group focuses on organizations in the insurance, retail, technology, and chemical industries in the U.S., Tune the e-mail security solution to automatically discard malicious or suspicious attachments. Integrate threat intelligence into existing SIEM or security controls for relevant Indicators of Compromise.

Retail 122

Retail Insurance Cybersecurity Phishing 122