eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. GDPR (among other legal requirements in the EU and elsewhere) can expose multinational organizations to hefty financial penalties, additional rules for disclosing data breaches, and increased scrutiny of the adequacy of their data security.

Data Privacy 145

Data Privacy Compliance Privacy Security 145

eSecurity Planet

FEBRUARY 14, 2023

In 2013, Adam Markowitz founded Portfolium, an edtech startup that matched college students and graduates with employers. “I I remember the first time we were asked for a SOC 2 report, which quickly became the minimum bar requirement in our industry for proof of an effective security program,” he said. Other investors included J.P.

Compliance 122

Compliance Security Cybersecurity Marketing 122

Krebs on Security

JUNE 30, 2021

Ronnie Tokazowski is a threat researcher at Agari , a security firm that has closely tracked many of the groups behind these advanced fee schemes [KrebsOnSecurity interviewed Tokazowski in 2018 after he received a security industry award for his work in this area]. ” ANY METHOD THAT WORKS. Image: Agari.

Insurance 313

Insurance IT Education Government 313

Krebs on Security

NOVEMBER 3, 2022

In 2013, Kurittu worked on investigation involving Kivimaki’s use of the Zbot botnet, among other activities Kivimaki engaged in as a member of the hacker group Hack the Planet. Among those who grabbed a copy of the database was Antti Kurittu , a former criminal investigator at the Helsinki Police Department.

Data breaches 248

Data breaches Records Management Insurance Archiving 248

Thales Cloud Protection & Licensing

JANUARY 22, 2025

The Health Insurance Portability and Accountability Act (HIPAA), enacted in 1996, established national standards to safeguard sensitive patient health information (PHI) and prevent unauthorized disclosures. Compliance with these standards is now unequivocally mandatory, significantly raising the baseline for data security expectations.

Cybersecurity 62

Cybersecurity Data breaches Encryption Compliance 62

IT Governance

OCTOBER 24, 2023

Another small firm suffers a serious ransomware attack: Cadre Services gets mauled by AlphV Date of breach: 19 September 2013 (AlphV uploaded first part of data to its website on 19 October 2023). D-Link Corporation Provides Details about an Information Disclosure Security Incident Date of breach: 2 October 2023.

Data Privacy 104

Data Privacy Privacy Security Data breaches 104

The Last Watchdog

DECEMBER 3, 2018

I have a Yahoo email account, I’ve shopped at Home Depot and Target , my father was in the military and had a security clearance, which included a dossier on his family, archived at the U.S. Office of Personnel Management , I’ve had insurance coverage from Premera Blue Cross and I’ve stayed at the Marriott Marquis in San Francisco.

Authentication 157

Authentication Military Access Insurance 157

Hunton Privacy

OCTOBER 15, 2013

On October 7, 2013, the United States District Court for the Central District of California held that a general liability insurance policy covered data breach claims alleging violations of California patients’ right to medical privacy. Hartford Casualty Insurance Co. Corcino & Associates , CV 13-03728-GAF (C.D.

Insurance 40

Insurance Data breaches Privacy Security 40

Hunton Privacy

NOVEMBER 20, 2013

On November 4, 2013, the China Insurance Regulatory Commission, which is the Chinese regulatory and administrative authority for the insurance sector, issued the Interim Measures for the Management of the Authenticity of Information of Life Insurance Customers (the “Measures”).

Insurance 40

Insurance Personal data Authentication Records Management 40

Hunton Privacy

FEBRUARY 24, 2014

Securities and Exchange Commission that its health insurance subsidiary, Triple-S Salud, Inc. Triple S”), which is Puerto Rico’s largest health insurer, will be fined $6.8 million for a data breach that occurred in September 2013. Triple-S Management Corporation reported in the 8-K it recently filed with the U.S.

Insurance 40

Insurance Data breaches IT Security 40

Hunton Privacy

NOVEMBER 6, 2014

Hunton & Williams Insurance Litigation & Counseling partner Lon Berk reports: As the demand for cyber insurance has skyrocketed, so too has the cost. One broker estimates that sales in 2014 will double from the $1 billion premium collected in 2013. As these payment technologies become prevalent in the U.S.,

Insurance 40

Insurance Retail Sales Risk 40

Hunton Privacy

JULY 16, 2021

According to the Regulators, the Proposed Guidance largely would adopt the text of the OCC’s 2013 guidance, broadening its scope to include organizations supervised by all three Regulators.

Risk 81

Risk Insurance Sales Encryption 81

The Last Watchdog

AUGUST 15, 2019

insurance giant Beazley Worldwide reported that the average ransomware demand in 2018 was more than $116,000, a figure admittedly skewed by some very large demands. Best security practices are a must. A top-down security mindset absolutely must be instilled and nurtured. A poll of IT pros in the U.S., The median was $10,310.

Ransomware 196

Ransomware Access Cybersecurity Insurance 196

IT Governance

MARCH 11, 2024

Source (New) Transport USA Yes 3,815 Okta Source 1 ; source 2 (Update) Cyber security USA Yes 3,800 Shah Dixit & Associates, P.C. Source (New) Finance USA Yes 3,494 Woodruff Sawyer Source (New) Insurance USA Yes 3,087 Blackburn College Source (New) Education USA Yes 3,039 CAIRE Inc. UniCredit fined €2.8

Data Privacy 78

Data Privacy Privacy Security Data breaches 78

Hunton Privacy

FEBRUARY 22, 2017

The settlement stemmed from the theft of two laptops stolen from Horizon headquarters in November 2013, when personnel from outside vendors performing renovations and moving services at Horizon’s Newark headquarters had unsupervised access to the area where company laptops were stored. Under the terms of the settlement, in addition to the $1.1

Insurance 45

Insurance Privacy Encryption Passwords 45

eSecurity Planet

APRIL 26, 2022

Luckily for cybersecurity startups, there’s no shortage of interest in tomorrow’s next big security vendors. billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. How Do VC Firms Work? AllegisCyber Investments.

Cybersecurity 129

Cybersecurity Cloud Marketing Security 129

HL Chronicle of Data Protection

SEPTEMBER 27, 2018

to support individual and classwide actions for purported data security and privacy violations. 4th 390, 393 (2013) (allowing “unlawful” UCL claim for violations of the federal Truth in Savings Act despite no express private right of action because Congress intended for state laws to hold banks to equivalent standards); see also Zhang v.

Privacy 81

Privacy Data breaches Insurance IT 81

Hunton Privacy

JANUARY 16, 2021

The Court held that OCR’s civil monetary penalty for alleged violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule and HIPAA Security Rule was “arbitrary, capricious, and otherwise unlawful.”. OCR investigated and imposed the $4.3

Encryption 71

Encryption Privacy Insurance Security 71

Hunton Privacy

FEBRUARY 3, 2017

million civil monetary penalty against Children’s Medical Center of Dallas (“Children’s”) for alleged ongoing violations of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy and Security Rules, following two consecutive breaches of patient electronic protected health information (“ePHI”).

Privacy 40

Privacy Security Insurance Encryption 40

IT Governance

APRIL 9, 2024

Kid Security breached again: children’s live GPS locations exposed on the Internet Last November , the parental control app Kid Security, which allows parents to monitor and control their children’s online safety, was found to have exposed more than 300 million records via misconfigured Elasticsearch and Logstash instances.

Data Privacy 52

Data Privacy Privacy Security Manufacturing 52

Hunton Privacy

DECEMBER 3, 2018

Each Referential lists the purposes of the data processing in question, the legal basis for that data processing, the types of personal data that may be processed for those purposes, the data retention periods and the associated security measures.

GDPR 81

GDPR Personal data Insurance Education 81

IT Governance

APRIL 22, 2024

Compromised data includes names, passport numbers, Social Security numbers, online crypto account identifiers and bank account numbers. Publicly disclosed data breaches and cyber attacks: in the spotlight Criminal hackers threaten to leak World-Check screening database A criminal group known as GhostR claims to have stolen 5.3

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Hunton Privacy

JANUARY 17, 2013

The Final Rule will become effective March 26, 2013, with covered entities and business associates obligated to comply with the new requirements by September 23, 2013. The Final Rule comes two and a half years after the proposed rule was published in July 2010.

Privacy 40

Privacy Security Insurance Marketing 40

Hunton Privacy

AUGUST 1, 2013

On April 19, 2013, the North Dakota legislature amended the state’s breach notification law (Section 51-30-01 of the North Dakota Century Code) to expand the definition of “personal information” to include “health insurance information” and “medical information.” The amendments took effect on August 1, 2013.

Insurance 40

Insurance Security Privacy 40

Adam Levin

MAY 19, 2021

An undergraduate student at Rochester Institute of Technology named Bill Demirkapi discovered the most recent security failure. The information included driver’s licenses , credit card , and Social Security numbers. The data included addresses, birthdays, and even Social Security numbers. Takeaways .

Risk 87

Risk Data breaches Cybersecurity Insurance 87

IT Governance

MAY 29, 2018

Insurance startup leaks sensitive customer health data. LifeBridge Health and LifeBridge Potomac Professionals Notify Patients of a Recent Security Incident. UT alerts some faculty, students of lost flash drive containing Social Security numbers. Bombas notifies consumers of breach going back to 2013. Hacker Steals $1.35

Data breaches 89

Data breaches GDPR Ransomware Passwords 89

Hunton Privacy

JULY 12, 2013

On July 11, 2013, the Department of Health and Human Services (“HHS”) announced a resolution agreement and $1.7 following a security breach that affected over 600,000 individuals. million settlement with WellPoint Inc. In a not-so-subtle hint of OCR’s future intentions, the press release also mentioned that “Beginning Sept.

Privacy 40

Privacy Security Insurance Access 40

IG Guru

NOVEMBER 26, 2019

Department of Health and Human Services (HHS) has imposed a $1,600,000 civil money penalty against the Texas Health and Human Services Commission (TX HHSC), for violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy and Security Rules between 2013 […]. The post OCR Imposes a $1.6

Insurance 41

Insurance Privacy Security Records Management 41

Hunton Privacy

JUNE 13, 2023

On June 6, 2023, the Federal Deposit Insurance Corporation (“FDIC”), the Board of Governors of the Federal Reserve System (“FRB”) and the Office of the Comptroller of the Currency (“OCC”) issued their final Interagency Guidance on Third-Party Relationships (“Guidance”).

Risk 64

Risk Insurance Compliance Information Security 64

ARMA International

APRIL 28, 2022

I have been a member of the OAR staff at the ANO since March 2013. The plan was to meet the insurance coordinator at the Howard Avenue office at 8:30 a.m. I was aware that I would need documentation on damage and losses for insurance and internal purposes. The insurance coordinator proposed stabilizing in place.

Records Management 105

Records Management Archiving Insurance Communications 105

Hunton Privacy

FEBRUARY 6, 2015

On February 3, 2015, the Securities and Exchange Commission (“SEC”) released a Risk Alert , entitled Cybersecurity Examination Sweep Summary, summarizing observations from the recent round of cybersecurity examinations of registered broker-dealers and investment advisers under the Cybersecurity Examination Initiative.

Cybersecurity 40

Cybersecurity Insurance Financial Services Risk 40

Hunton Privacy

SEPTEMBER 23, 2013

Today, September 23, 2013, marks the deadline for compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Omnibus Rule that was issued in January 2013. Change the notice of privacy practices to be distributed to individuals.

Compliance 40

Compliance Privacy Insurance Risk 40

eSecurity Planet

FEBRUARY 16, 2021

The internet is fraught with peril these days, but nothing strikes more fear into users and IT security pros than the threat of ransomware. Raising awareness about ransomware is a baseline security measure. As training sessions have little influence over staff for every potential attack, it makes added security more imperative.

Ransomware 97

Ransomware Encryption Insurance Cloud 97

Hunton Privacy

APRIL 3, 2013

On January 17, 2013, the U.S. Department of Health and Human Services issued a final omnibus rule modifying prior regulations enacted pursuant to the Health Insurance Portability and Accountability Act of 1996. Sotto , partner and head of the Global Privacy and Data Security practice at Hunton & Williams LLP, and Ryan P.

Compliance 40

Compliance Insurance Privacy Security 40

Hunton Privacy

MARCH 15, 2013

On March 5, 2013, the German Federal Ministry of the Interior published proposed amendments (in German) to the German Federal Office for Information Security Law.

Cybersecurity 40

Cybersecurity Information Security Insurance Privacy 40

Hunton Privacy

AUGUST 10, 2017

Circuit reversed the dismissal of a putative data breach class action against health insurer CareFirst, Attias v. The court found that the complaint did in fact allege the theft of Social Security numbers and payment card information. On August 1, 2017, a unanimous three-judge panel for the D.C. CareFirst, Inc. , 16-7108, slip op.

Data breaches 40

Data breaches Insurance Risk Access 40

Hunton Privacy

JANUARY 3, 2014

On December 31, 2013, the Federal Trade Commission announced that Accretive Health, Inc. Accretive”) has agreed to settle charges that the company’s inadequate data security measures unfairly exposed sensitive consumer information to the risk of theft or misuse.

Insurance 40

Insurance Information Security Risk Security 40