2013 and Insurance - Information Management Today

Target Sues Insurer Over 2013 Data Breach Costs

Data Breach Today

NOVEMBER 21, 2019

Lawsuit Claims Insurer Owes Retailer for Coverage of Card Replacement Costs Target has filed a lawsuit against its long-time insurer, ACE American Insurance Co., in an attempt to recoup money it spent to replace payment cards as part of settlements over the retailer's massive 2013 data breach.

Insurance

Insurance Data breaches Retail IT

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. for stealing data on nearly 10 million customers of the Australian health insurance giant Medibank.

Retail

Retail Ransomware Marketing Healthcare

Target Seeks $74M in Data Breach Reimbursement from Insurance Company

Dark Reading

NOVEMBER 22, 2019

The funds would cover some of the money Target paid to reimburse financial institutions for credit card replacement after the 2013 breach.

Data breaches

Data breaches Insurance

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S. info and findget[.]me,

Insurance

Insurance Communications Authentication Access

Who Stole 3.6M Tax Records from South Carolina?

Krebs on Security

APRIL 16, 2024

As it happens, Rescator’s criminal hacking crew was directly responsible for the 2013 breach at Target and the 2014 hack of Home Depot. According to a 2013 report from the Treasury Inspector General’s office, the IRS issued nearly $4 billion in bogus tax refunds in 2012, and more than $5.8 billion in 2013.

Sales

Sales Retail Insurance IT

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance

Insurance Risk Financial Services Mining

Experian API Exposed Credit Scores of Most Americans

Krebs on Security

APRIL 28, 2021

Earlier this month, auto insurance giant Geico disclosed that fraudsters abused a bug in its site to steal drivers license numbers from Americans. Geico said the data was used by thieves involved in fraudulently applying for unemployment insurance benefits.

Insurance

Insurance Access Authentication Security

China Insurance Regulatory Agency Promulgates New Rule Protecting Personal Data of Life Insurance Customers

Hunton Privacy

NOVEMBER 20, 2013

On November 4, 2013, the China Insurance Regulatory Commission, which is the Chinese regulatory and administrative authority for the insurance sector, issued the Interim Measures for the Management of the Authenticity of Information of Life Insurance Customers (the “Measures”).

Insurance

Insurance Personal data Authentication Records Management

Insurance Policy’s Statutory Rights Exclusion Does Not Apply to Data Breach Claims

Hunton Privacy

OCTOBER 15, 2013

On October 7, 2013, the United States District Court for the Central District of California held that a general liability insurance policy covered data breach claims alleging violations of California patients’ right to medical privacy. Hartford Casualty Insurance Co. Corcino & Associates , CV 13-03728-GAF (C.D.

Insurance

Insurance Data breaches Privacy Security

New Payment Technologies Should Reduce Demand for Cyber Insurance

Hunton Privacy

NOVEMBER 6, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: As the demand for cyber insurance has skyrocketed, so too has the cost. One broker estimates that sales in 2014 will double from the $1 billion premium collected in 2013. As these payment technologies become prevalent in the U.S.,

Insurance

Insurance Retail Sales Risk

Puerto Rico Health Insurer Reports Record Fine Following PHI Breach Incident

Hunton Privacy

FEBRUARY 24, 2014

Securities and Exchange Commission that its health insurance subsidiary, Triple-S Salud, Inc. Triple S”), which is Puerto Rico’s largest health insurer, will be fined $6.8 million for a data breach that occurred in September 2013.

Insurance

Insurance Data breaches IT Security

Health Insurer Reaches Privacy Settlement with New Jersey Division of Consumer Affairs

Hunton Privacy

FEBRUARY 22, 2017

The settlement stemmed from the theft of two laptops stolen from Horizon headquarters in November 2013, when personnel from outside vendors performing renovations and moving services at Horizon’s Newark headquarters had unsupervised access to the area where company laptops were stored.

Insurance

Insurance Privacy Encryption Passwords

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

The security breach was discovered earlier this year, hackers also accessed data stored in the Literacy Works Information System and a legacy unemployment insurance service database. The Maryland Department of Labor suffered a data breach, hackers accessed databases containing personally identifiable information (PII).

Data breaches

Data breaches Insurance Access Security

Federal Banking Regulators Request Comment on Proposed Guidance for Third-Party Risk Management

Hunton Privacy

JULY 16, 2021

According to the Regulators, the Proposed Guidance largely would adopt the text of the OCC’s 2013 guidance, broadening its scope to include organizations supervised by all three Regulators.

Risk

Risk Insurance Sales Encryption

FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

Hunton Privacy

JUNE 13, 2023

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”).

Risk

Risk Insurance Compliance Information Security

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The man operated the Cardplanet site between at least early 2009 through at least August 2013. The membership also requested a sum of money, normally $5,000, as insurance. In November, the suspect has been extradited to the US to face criminal charges.

Marketing

Marketing Sales Insurance Access

OCR Imposes a $1.6 Million Civil Money Penalty against Texas Health and Human Services Commission for HIPAA Violations

IG Guru

NOVEMBER 26, 2019

Department of Health and Human Services (HHS) has imposed a $1,600,000 civil money penalty against the Texas Health and Human Services Commission (TX HHSC), for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules between 2013 […]. The post OCR Imposes a $1.6

Insurance

Insurance Privacy Security Records Management

Fifth Circuit Court of Appeals Vacates MD Anderson HIPAA Penalty

Hunton Privacy

JANUARY 16, 2021

The Court held that OCR’s civil monetary penalty for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and HIPAA Security Rule was “arbitrary, capricious, and otherwise unlawful.”. OCR investigated and imposed the $4.3

Encryption

Encryption Privacy Insurance Security

Who is Tech Investor John Bernard?

Krebs on Security

SEPTEMBER 25, 2020

Mr. Davies was charged with murder and fraud after he attempted to collect GBP 132,000 in her life insurance payout, but British prosecutors ultimately conceded they did not have enough evidence to convict him. A search on John Clifton Davies and Iryna turned up this 2013 story from The Daily Mirror which says Iryna is John C.

Insurance

Insurance IT

Experian API exposed credit scores of tens of millions of Americans

Security Affairs

MAY 3, 2021

Earlier this month, auto insurance giant Geico disclosed that fraudsters abused a bug in its site to steal drivers license numbers from Americans. Geico said the data was used by thieves involved in fraudulently applying for unemployment insurance benefits.

Insurance

Insurance Access Authentication Security

Hacker Charged With Extorting Online Psychotherapy Service

Krebs on Security

NOVEMBER 3, 2022

In 2013, Kurittu worked on investigation involving Kivimaki’s use of the Zbot botnet, among other activities Kivimaki engaged in as a member of the hacker group Hack the Planet. The entire archive has since been made into a searchable website on the Dark Web. “There were also other projects and databases.”

Data breaches

Data breaches Records Management Insurance Archiving

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v. 11-16351, 2013 WL 98554, at *1 (9th Cir. Bank of America, N.A. , Fireman’s Fund Ins.

Privacy

Privacy Data breaches Insurance IT

Lon Berk Discusses Recent Cyber Attack on New York Times

Hunton Privacy

SEPTEMBER 24, 2013

Recent months have seen a significant increase in highly-publicized cyber attacks and cybersecurity incidents, including an August 2013 attack on The New York Times’ website that shut down the site twice in two weeks. Unsurprisingly, there also has been an upswing in the demand for, and underwriting of, cyber insurance.

Insurance

Insurance Cybersecurity Privacy

North Dakota Amends Breach Notification Law to Cover Health Information

Hunton Privacy

AUGUST 1, 2013

On April 19, 2013, the North Dakota legislature amended the state’s breach notification law (Section 51-30-01 of the North Dakota Century Code) to expand the definition of “personal information” to include “health insurance information” and “medical information.” The amendments took effect on August 1, 2013.

Insurance

Insurance Security Privacy

The Week in Cyber Security and Data Privacy: 16–22 October 2023

IT Governance

OCTOBER 24, 2023

Another small firm suffers a serious ransomware attack: Cadre Services gets mauled by AlphV Date of breach: 19 September 2013 (AlphV uploaded first part of data to its website on 19 October 2023). American Family Insurance confirms cyberattack is behind IT outages Date of breach: 14 or 15 October 2023.

Data Privacy

Data Privacy Privacy Security Data breaches

Episode 212: China’s Stolen Data Economy (And Why We Should Care)

The Security Ledger

APRIL 27, 2021

Back in 2013, news that hackers stole data on tens of millions of customers of the software maker Adobe dominated the headlines for days. Data leaks, data breaches and data dumps are so common these days that they don’t even attract that much attention. Waiting for Federal Data Privacy Reform? Don’t Hold Your Breath.

Data breaches

Data breaches Big data Retail Insurance

OCR Issues Penalty for Noncompliance with HIPAA Privacy and Security Rules

Hunton Privacy

FEBRUARY 3, 2017

million civil monetary penalty against Children’s Medical Center of Dallas (“Children’s”) for alleged ongoing violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules, following two consecutive breaches of patient electronic protected health information (“ePHI”).

Privacy

Privacy Security Insurance Encryption

Chronicle of a Records Manager: Controlling the Chaos of Disaster Response and Recovery

ARMA International

APRIL 28, 2022

I have been a member of the OAR staff at the ANO since March 2013. The plan was to meet the insurance coordinator at the Howard Avenue office at 8:30 a.m. I was aware that I would need documentation on damage and losses for insurance and internal purposes. The insurance coordinator proposed stabilizing in place.

Records Management

Records Management Archiving Insurance Communications

SEC Releases Observations from Recent Cybersecurity Examinations of Broker-Dealers and Advisers

Hunton Privacy

FEBRUARY 6, 2015

Conducted by the SEC Office of Compliance Inspections and Examinations (“OCIE”) from 2013 through April 2014, the examinations inspected the cybersecurity practices of 57 registered broker-dealers and 49 registered investment advisers through interviews and document reviews.

Cybersecurity

Cybersecurity Insurance Financial Services Risk

CNIL Launches Public Consultation on Draft Standards on Data Processing for Managing Business Activities and Unpaid Invoices

Hunton Privacy

DECEMBER 3, 2018

It therefore intends to cover standard customer data processing activities carried out by any data controller, except (1) health or educational institutions; (2) banking or similar institutions; (3) insurance companies; and (4) operators subject to approval by the French Online Gambling Regulatory Authority.

GDPR

GDPR Personal data Insurance Education

D.C. Circuit’s Article III Standing Decision Deepens Appellate Disagreement

Hunton Privacy

AUGUST 10, 2017

Circuit reversed the dismissal of a putative data breach class action against health insurer CareFirst, Attias v. The court’s opinion also identified allegations of “medical identity theft” that was possible with the theft of health insurance subscriber ID numbers alone. On August 1, 2017, a unanimous three-judge panel for the D.C.

Insurance

Insurance Data breaches Risk Access

Do’s and Don’ts of Text Message Discovery

eDiscovery Daily

FEBRUARY 3, 2022

Lee: FFS, an insurance broker, requested the production of all written communication after the defendants violated their contract by sharing company information after termination. Consequently, attorney fees were issued, and the case was terminated. These methods are time-consuming and harder to authenticate in court. [5]. 4] Anthony J.

e-Discovery

e-Discovery Computer and Electronics Communications Authentication

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

are subject to laws such as the Health Insurance Portability and Accountability Act (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (the HITECH Act), as well as regulations such as the Clinical Laboratory Improvements Amendments (CLIA). Healthcare Data Privacy Laws. Health data and patient data in the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

The Last Watchdog

DECEMBER 3, 2018

Office of Personnel Management , I’ve had insurance coverage from Premera Blue Cross and I’ve stayed at the Marriott Marquis in San Francisco. The Starwood hack appears to come in second in scale only to the 2013 Yahoo breac h, which affected as many as 3 billion accounts, while a subsequent Yahoo breach also hit 500 million accounts.

Authentication

Authentication Military Access Insurance

NHS’ Plans to Share Patient Records with Third Parties

Data Matters

JUNE 9, 2021

The Notice further states that the data will never be shared with marketing or insurance companies. Although the GP data collection was set to take place as of July 1, 2021, on June 8, 2021 it was announced that the launch will be postponed to September 1, 2021.

Healthcare

Healthcare Data collection Personal data GDPR

HIPAA Omnibus Rule Compliance Deadline Has Arrived

Hunton Privacy

SEPTEMBER 23, 2013

Today, September 23, 2013, marks the deadline for compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Omnibus Rule that was issued in January 2013.

Compliance

Compliance Privacy Insurance Risk

We Infiltrated a Counterfeit Check Ring! Now What?

Krebs on Security

JUNE 30, 2021

In a report released in 2019 (PDF), Agari profiled a group it dubbed “ Scattered Canary ” that is operating principally out of West Africa and dabbles in a dizzying array of schemes, including BEC and romance scams, FEMA and SBA loans, unemployment insurance fraud, counterfeit checks and of course money laundering. Image: Agari.

Insurance

Insurance IT Education Government

Credit Reporting Companies Put Customer Data at Risk

Adam Levin

MAY 19, 2021

Experian, 2013 – 2015: Hackers stole a trove of information from T-Mobile customers whose data had passed through Experian to check credit there and open a new account. Many companies now offer insurance policies that can help you recoup lost money, and even help you through the reporting and recovery process.

Risk

Risk Data breaches Cybersecurity Insurance

Obama Administration Releases Incentive Reports on Cybersecurity

Hunton Privacy

AUGUST 7, 2013

On August 6, 2013, the Obama Administration posted links on The White House Blog to reports from the Departments of Commerce , Homeland Security and Treasury containing recommendations on incentivizing companies to align their cybersecurity practices with the Cybersecurity Framework.

Cybersecurity

Cybersecurity Insurance Risk Security

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I In the case of Lemonade – an online insurance company – it spent over 200 hours on the process. The process for creating the report was time-consuming, manual and costly.

Compliance

Compliance Security Cybersecurity Marketing

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v. 11-16351, 2013 WL 98554, at *1 (9th Cir. Bank of America, N.A. , Fireman’s Fund Ins.

Privacy

Privacy Data breaches Insurance IT

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v. 11-16351, 2013 WL 98554, at *1 (9th Cir. Bank of America, N.A. , Fireman’s Fund Ins.

Privacy

Privacy Data breaches Insurance IT

HHS Announces HIPAA Settlement with UMass

Hunton Privacy

NOVEMBER 30, 2016

On November 22, 2016, the Department of Health and Human Services (“HHS”) announced a $650,000 settlement with University of Massachusetts Amherst (“UMass”), resulting from alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules. .

Computer and Electronics

Computer and Electronics Insurance Privacy Risk

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Wiz Cloud security 2020 Private Evervault Developer encryption 2019 Private Verkada Security surveillance 2019 Private Armis IoT network security 2015 Private Sumo Logic Threat intelligence 2014 Nasdaq: SUMO Okta Identity management 2013 Nasdaq: OKTA Barracuda Enterprise security 2006 Private. Accel Investments.

Cybersecurity

Cybersecurity Cloud Marketing Security

Target Sues Insurer Over 2013 Data Breach Costs

An Interview With the Target & Home Depot Hacker

Trending Sources

Target Seeks $74M in Data Breach Reimbursement from Insurance Company

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Who Stole 3.6M Tax Records from South Carolina?

First American Financial Pays Farcical $500K Fine

Experian API Exposed Credit Scores of Most Americans

China Insurance Regulatory Agency Promulgates New Rule Protecting Personal Data of Life Insurance Customers

Insurance Policy’s Statutory Rights Exclusion Does Not Apply to Data Breach Claims

New Payment Technologies Should Reduce Demand for Cyber Insurance

Puerto Rico Health Insurer Reports Record Fine Following PHI Breach Incident

Health Insurer Reaches Privacy Settlement with New Jersey Division of Consumer Affairs

Maryland Department of Labor discloses a data breach

Federal Banking Regulators Request Comment on Proposed Guidance for Third-Party Risk Management

FDIC, FRB and OCC Issue Interagency Guidance on Third-Party Relationships

The man behind Cardplanet credit card market sentenced to 9 years in prison

OCR Imposes a $1.6 Million Civil Money Penalty against Texas Health and Human Services Commission for HIPAA Violations

Fifth Circuit Court of Appeals Vacates MD Anderson HIPAA Penalty

Who is Tech Investor John Bernard?

Experian API exposed credit scores of tens of millions of Americans

Hacker Charged With Extorting Online Psychotherapy Service

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

Lon Berk Discusses Recent Cyber Attack on New York Times

North Dakota Amends Breach Notification Law to Cover Health Information

The Week in Cyber Security and Data Privacy: 16–22 October 2023

Episode 212: China’s Stolen Data Economy (And Why We Should Care)

OCR Issues Penalty for Noncompliance with HIPAA Privacy and Security Rules

Chronicle of a Records Manager: Controlling the Chaos of Disaster Response and Recovery

SEC Releases Observations from Recent Cybersecurity Examinations of Broker-Dealers and Advisers

CNIL Launches Public Consultation on Draft Standards on Data Processing for Managing Business Activities and Unpaid Invoices

D.C. Circuit’s Article III Standing Decision Deepens Appellate Disagreement

Do’s and Don’ts of Text Message Discovery

Security Compliance & Data Privacy Regulations

MY TAKE: Massive Marriott breach continues seemingly endless run of successful hacks

NHS’ Plans to Share Patient Records with Third Parties

HIPAA Omnibus Rule Compliance Deadline Has Arrived

We Infiltrated a Counterfeit Check Ring! Now What?

Credit Reporting Companies Put Customer Data at Risk

Obama Administration Releases Incentive Reports on Cybersecurity

Automated Security and Compliance Attracts Venture Investors

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

California Consumer Privacy Act: The Challenge Ahead – Consumer Litigation and the CCPA: What to Expect

HHS Announces HIPAA Settlement with UMass

Top VC Firms in Cybersecurity of 2022

Stay Connected