Krebs on Security

NOVEMBER 14, 2024

for stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. Nor did he respond to reporting here in January 2024 that he ran an IT company with a 34-year-old Russian man named Aleksandr Ermakov , who was sanctioned by authorities in Australia, the U.K.

Retail 235

Retail Ransomware Marketing Healthcare 235

Hunton Privacy

AUGUST 10, 2017

On August 9, 2017, Nationwide Mutual Insurance Co. million settlement with attorneys general from 32 states in connection with a 2012 data breach that exposed the personal information of over 1.2 In October 2012, Nationwide and its affiliate, Allied Property & Casualty Insurance Co. Nationwide”) agreed to a $5.5

Data breaches 45

Data breaches Insurance Data collection Risk 45

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. ceding insurer could be eligible for the same reduced collateral requirements that would apply to qualifying EU reinsurers under the revised CFR Model Laws.

Insurance 68

Insurance Blockchain Big data Risk 68

Hunton Privacy

JANUARY 26, 2012

On enforcement, in both the blog post and the Information Rights Strategy document, the Commissioner affirmed the ICO’s current prioritization of action in health, credit and finance, criminal justice, Internet and mobile services, and information security.

FOIA 40

FOIA Insurance Big data Data breaches 40

Hunton Privacy

JANUARY 16, 2021

The Court held that OCR’s civil monetary penalty for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and HIPAA Security Rule was “arbitrary, capricious, and otherwise unlawful.”. OCR investigated and imposed the $4.3

Encryption 71

Encryption Privacy Insurance Security 71

Hunton Privacy

FEBRUARY 5, 2018

million to settle claims brought under Health Insurance Portability and Accountability Act rules, alleging that lax security practices led to five breaches of electronic protected health information. Fresenius will pay OCR $3.5

Insurance 48

Insurance Risk Encryption Access 48

Hunton Privacy

JULY 11, 2011

The law, which will become effective on September 1, 2012, incorporates the expanded definition of the term “covered entity” in Texas’s existing health privacy law and could have a broad impact on many non-HIPAA covered entities. Read the text of H.B.

Privacy 45

Privacy Insurance Compliance Access 45

Hunton Privacy

AUGUST 24, 2012

On July 31, 2012, Minnesota Attorney General Lori Swanson announced a $2.5 Accretive”) for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations, and various Minnesota debt collection and consumer protection laws. million settlement with Accretive Health, Inc.

Insurance 40

Insurance IT Privacy Security 40

eSecurity Planet

AUGUST 27, 2021

Cyberattacks caused by supply chain vulnerabilities mean organizations need a renewed perspective on how to address third-party security. BitSight Security Ratings Platform. Ten years after BitSight became a pioneer in the security ratings space, the Boston-based company holds 32 patents and has rated over 40 million companies.

Risk 131

Risk Compliance Marketing Cybersecurity 131

Hunton Privacy

JUNE 7, 2012

On May 24, 2012, Massachusetts Attorney General Martha Coakley announced that South Shore Hospital agreed to a consent judgment and $750,000 payment to settle a lawsuit stemming from a data breach that occurred in February 2010. Belmont Savings Bank and Briar Group, LLC.

Data breaches 40

Data breaches Privacy Insurance Education 40

Hunton Privacy

DECEMBER 9, 2015

On December 9, 2015, the Federal Trade Commission announced that Wyndham Worldwide Corporation (“Wyndham”) settled charges brought by the FTC stemming from allegations that the company unfairly failed to maintain reasonable data security practices. The case is FTC v. Wyndham Worldwide Corporation, et al. (2:13-CV-01887-ES-JAD)

Data breaches 49

Data breaches Information Security Insurance Compliance 49

Hunton Privacy

JANUARY 3, 2014

(“Accretive”) has agreed to settle charges that the company’s inadequate data security measures unfairly exposed sensitive consumer information to the risk of theft or misuse. On July 31, 2012, Accretive settled a federal lawsuit with the Minnesota Attorney General for $2.5

Insurance 40

Insurance Information Security Risk Access 40

Hunton Privacy

SEPTEMBER 4, 2012

On August 23, 2012, the United States Court of Appeals for the Sixth Circuit held in R etailer Ventures, Inc. collectively, the “policyholders”) sought coverage for the losses under a commercial crime policy issued by National Union Fire Insurance Company of Pittsburgh, Pa. Nat’l Union Fire Ins. Retail Ventures, Inc., National Union”).

Data breaches 40

Data breaches Insurance Retail Communications 40

Hunton Privacy

MARCH 19, 2014

In a notice published in the Federal Register, OCR stated that the survey will collect information such as “number of patient visits or insured lives, use of electronic information, revenue, and business locations” to assess the organizations’ “size, complexity and fitness” for an audit. HHS conducted an audit of 115 covered entities in 2012.

Compliance 40

Compliance Insurance Privacy Risk 40

Hunton Privacy

JANUARY 24, 2012

This failure contributed to a July 2011 information security breach when an Accretive employee left an unencrypted laptop containing information of approximately 23,500 patients in a rental car. The laptop was stolen and has not yet been recovered.

Privacy 42

Privacy Insurance Information Security Risk 42

DLA Piper Privacy Matters

APRIL 8, 2019

The Act is a welcome change to the old regime where national provisions concerning the subject matter have been scattered into different regulations, namely the Patient’s Rights Act (1992/785), Act on Electronic Processing of Social and Health Care Customer Data (2007/159), Bio Bank Act (2012/688) and Medicines Act (1987/395).

Personal data 68

Personal data GDPR Healthcare Compliance 68

Hunton Privacy

MARCH 5, 2015

Wyndham”) on whether the FTC has the authority to regulate private companies’ data security under Section 5 of the FTC Act. In addition, the FTC alleged that Wyndham failed to maintain reasonable data security practices, leading to three separate data breaches involving hackers accessing sensitive consumer data. Wyndham Worldwide Corp.

Insurance 40

Insurance Data breaches Security Access 40

Hunton Privacy

JUNE 14, 2012

On June 7, 2012, the Federal Trade Commission announced settlement agreements with two businesses that allegedly exposed customers’ sensitive personal information by allowing peer-to-peer (“P2P”) file-sharing software to be installed on their company computers and networks.

Data breaches 40

Data breaches Privacy Insurance Information Security 40

Hunton Privacy

MAY 9, 2013

As part of the test-shopping operation, FTC staff members posing as individuals or representatives of companies contacted 45 data broker companies seeking information about consumers to make decisions related to creditworthiness, eligibility for insurance and suitability for employment.

Insurance 40

Insurance Privacy Personal data IT 40

Hunton Privacy

JANUARY 13, 2016

The FTC asserted that, in 2012, the Dentrix G5 software incorporated a third party database engine that included a form of data protection that Schein advertised as “encryption.” Dentrix G5 is a type of software that enables dentists to perform office tasks such as entering patient data and sending appointment reminders.

Encryption 40

Encryption Insurance Data breaches Privacy 40

Hunton Privacy

MARCH 22, 2016

In 2012, Accretive entered into a $2.5 million settlement with the Minnesota Attorney General for violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and its implementing regulations, and various Minnesota debt collection and consumer protection laws.

Computer and Electronics 40

Computer and Electronics Risk Passwords Privacy 40

Import.IO

NOVEMBER 20, 2020

Companies choose to work with us because we deliver high quality web data reliably in a secure and compliant manner – as if they were doing it themselves. Web data from hundreds of insurance companies ensure that health care patients in the US are getting the right care at the right price. How we work with our customers.

Retail 52

Retail Insurance Marketing IT 52

IBM Big Data Hub

JULY 6, 2023

These new reporting standards represent an evolution from the voluntary guidelines first issued in 2009 by India’s Ministry of Corporate Affairs, which were further refined in the Business Responsibility Report (BRR) of 2012. Businesses should respect and promote the well-being of all employees, including those in their value chains.

Insurance 50

Insurance Government Data structuring Communications 50

CGI

JANUARY 6, 2012

Fri, 01/06/2012 - 08:00. Imagine buying a new car or looking to invest in a new stock or insurance policy. Privacy and data sharing policies, security policies, openness about how to collect and use data as well as allowing users to delete data if needed. Personal Data Stores – Get ready for a step change. ravi.kumarv@cgi.com.

Personal data 40

Personal data Retail Marketing Insurance 40

DLA Piper Privacy Matters

DECEMBER 7, 2017

The group claims that between June 2011 and February 2012 Google obtained personal information by bypassing the default privacy settings on the iPhone to install cookies in the Safari web browser. On 30 November a campaign group called “Google You Owe Us” announced that it intended to raise a group claim against Google.

Risk 40

Risk Privacy GDPR Data breaches 40

Hunton Privacy

MARCH 2, 2015

Covered entities shall provide individuals with clear, timely, conspicuous and easily understandable notice about the entity’s privacy and security practices. As we reported on February 23, 2012, the White House released a report outlining a framework for U.S. The Act sets forth various content requirements for such notices.

Privacy 40

Privacy Personal data Risk Insurance 40

Hunton Privacy

APRIL 30, 2019

The CNIL served 49 formal notices to companies in 2018, including to insurance companies (five formal notices) and marketing companies collecting personal data from mobile phones via software development kit (“SDK”) tools for the purposes of sending targeted ads (four formal notices).

GDPR 48

GDPR Personal data Data breaches Marketing 48

Troy Hunt

DECEMBER 30, 2018

You also have expenses, primarily loan repayments but also maintenance, council rates, insurance and possibly strata and property management fees. In 2012, I started creating what many people came to know me by: Pluralsight courses. Those nights, weekends and holidays ultimately became very valuable.

Education 111

Education Marketing IT Insurance 111

John Battelle's Searchblog

JANUARY 25, 2019

So what insures engagement and attention? It’s mostly gone now, but there was a time, from about 1994 to 2012, when the Internet ran on a different architecture, one based on the idea that the intelligence should reside in the nodes – the site – not at the center. (Don’t get me started about Apple being different. Architecture.

Government 92

Government IT Marketing ROT 92

Data Protector

OCTOBER 11, 2017

Where the Information Commissioner gives notices to data controllers, she can now secure compliance, with the power to issue substantial administrative penalties of up to 4% of global turnover. How then will we secure adequacy without adhering to the charter? Where she finds criminality, she can prosecute.

GDPR 120

GDPR Personal data Government IT 120

eDiscovery Daily

JANUARY 8, 2020

Yesterday, we looked back at cases related to cooperation, form of production, privilege and confidentiality disputes, social media related disputes and a key case regarding biometric security. 2012: Part 1 , Part 2 , Part 3 , Part 4. We grouped those cases into common subject themes and will review them over the next few posts.

e-Discovery 34

e-Discovery Privacy Computer and Electronics Insurance 34

eDiscovery Daily

JANUARY 9, 2018

Here are three cases related to privilege issues, including one where the court granted a quick peek request by the plaintiff, citing the “court’s heavy caseload and limited resources”: Putting Information on File Share Site without Protection Waives Privilege, Court Rules : In Harleysville Insurance Co. Los Alamos National Security, LLC et.

e-Discovery 39

e-Discovery Computer and Electronics Communications Cloud 39

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. With evolving attack methodologies due to machine learning, quantum computing, and sophisticated nation-state hackers, security startups are receiving record funding.

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Krebs on Security

NOVEMBER 28, 2023

One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch , KrebsOnSecurity has learned. The U.S. .”

Access 272

Access Honeypots Sales Authentication 272

IT Governance

JUNE 1, 2021

If you find yourself facing a cyber security disaster, IT Governance is here to help. Edinburgh mental health clinic in probe after client information accessed in scam (unknown) Iranian Hackers Hit H&M Israel (unknown) South Africa’s VirginActive goes offline after cyber attack (unknown) B.C. Find out more. Ransomware.

Data breaches 123

Data breaches Ransomware Insurance Energy and Utilities 123

Krebs on Security

MARCH 2, 2023

The Biden administration today issued its vision for beefing up the nation’s collective cybersecurity posture, including calls for legislation establishing liability for software products and services that are sold with little regard for security. ” Many of the U.S. government-wide Solar Winds compromise.

Cybersecurity 265

Cybersecurity Insurance Cloud Government 265

Data Matters

JANUARY 18, 2022

The GDPR was proposed in 2012 and only finally came into force in 2018 so perhaps that provides some indication. The principles included leveraging multi-disciplinary expertise throughout the total product life cycle and implementing good software engineering and security practices. Other global developments relating to AI.

Artificial Intelligence 103

Artificial Intelligence Risk Compliance Insurance 103