IT Governance

JULY 6, 2020

Beaming’s Five Years in Cyber Security found that 1.5 million organisations fell victim to cyber crime in 2019. On the plus side, the average cost of breaches has fallen from £26,000 per incident in 2015 to £6,000 in 2019 – although that’s offset by the increase in the overall number of incidents.

Information Security 135

Information Security Phishing IoT Insurance 135

Security Affairs

DECEMBER 28, 2022

The chief executive of insurance giant Zurich warns that cyber attacks, rather than natural catastrophes, will become uninsurable. Mario Greco, chief executive of insurer giant Zurich, has warned that cyber attacks will become soon “uninsurable.”.

Insurance 95

Insurance Risk Ransomware IT 95

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. Drug prescription listings). Who had access to the data?

Insurance 115

Insurance Passwords Libraries Access 115

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Hunton Privacy

FEBRUARY 29, 2024

It filed a breach report with OCR in February 2019, which then investigated the organization’s data practices starting in December 2019. This marks the second such settlement with a HIPAA-regulated entity for violations that were discovered following a ransomware attack, according to HHS. Investigate all likely policy violations.

Ransomware 111

Ransomware Personal data Risk Privacy 111

Data Protection Report

JUNE 2, 2021

million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. This matter began when insurance affiliate #1, licensed by NYDFS, discovered a phishing email in September of 2018. NYDFS Cybersecurity Regulation.

Cybersecurity 71

Cybersecurity Insurance Financial Services Phishing 71

IT Governance

FEBRUARY 26, 2019

I count this month’s total of leaked records to be 692,853,046, bringing 2019’s total to 2,462,038,109. Eskom data leak exposes sensitive customer information – Security researcher. Outdated software left municipal worker information exposed in 200 towns. Crosby ISD’s IT system hacked by ransomware virus.

Data breaches 109

Data breaches Sales Phishing Ransomware 109

Security Affairs

OCTOBER 6, 2023

” The Company states that its cybersecurity insurance will cover the financial losses and future expenses, however, the full scope of the costs and related impacts has yet to be determined. The incident affected hotel reservation systems in the United States and other IT systems that run the casino floors.

Ransomware 127

Ransomware Insurance Cybersecurity IT 127

IT Governance

DECEMBER 27, 2019

A royal baby, a fire at Notre-Dame, the highest grossing film of all time and more than 12 billion breached data records: 2019 has been quite a year. IT Governance is closing out the year by rounding up 2019’s biggest information security stories. Video-sharing app TikTok agreed to a record $5.7 million (£4.2

Data breaches 55

Data breaches GDPR Passwords Personal data 55

Security Affairs

OCTOBER 24, 2021

Stolen data spans from 2006 and 2019, local media outlets have confirmed their authenticity. Threat actors are also offering a file containing information from 2020 to those that will buy the database. As a bonus to the purchase, a file with information from 2020 is offered. ” continues the post.

Sales 105

Sales Insurance Analytics Authentication 105

Security Affairs

JUNE 12, 2021

The security breach affected a subsidiary Audi and authorized dealers in the U.S. According to a letter sent by the company to the Maine Attorney General and reported by TechCrunch , the subsidiary company left customer data spanning 2014 to 2019 unsecured online between August 2019 and May 2021. million of its customers.

Data breaches 130

Data breaches Sales Insurance Marketing 130

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. SEC Statement and Guidance on Public Company Cybersecurity Disclosures.

Cybersecurity 66

Cybersecurity Financial Services Risk Compliance 66

Security Affairs

APRIL 24, 2020

Experts from BadPackets pointed out that attackers might have exploited the Pulse Secure VPN CVE-2019-11510 to compromise the company. BadPackets reported that SeaChange had a Pulse Secure VPN server ( [link] ) vulnerable to CVE-2019-11510 from April 24, 2019 until March 24, 2020.

Ransomware 106

Ransomware Insurance Data breaches Encryption 106

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. ” continues the report. Pierluigi Paganini.

Access 100

Access Financial Services Retail Insurance 100

Security Affairs

NOVEMBER 13, 2020

“The files, which included driver information for licenses issued before February 2019, contained Texas driver license numbers, as well as names, dates of birth, addresses and vehicle registration histories. They did not contain any Social Security numbers or financial account information.

Data breaches 133

Data breaches Insurance Access Security 133

IT Governance

NOVEMBER 6, 2023

While investigating the incident, it discovered that confidential consumer information had been accessed by an unauthorised third party. It secured its systems, notified law enforcement and began investigating the incident. Records breached: 815,000,000 Milford Management Corp. Boeing is “assessing the claim”.

Data Privacy 76

Data Privacy Privacy Security Libraries 76

The Last Watchdog

APRIL 3, 2019

I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. Users re-defined. Compliance matters. Talk more soon.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Security Affairs

JANUARY 18, 2023

The security loophole resulted in millions of private documents being revealed to the public. Researchers found about 435,000 payslips, 300 tax filings, 3,800 insurance payment documents, and 21,000 salary sheets belonging to various companies using the HR platform’s services.

Privacy 92

Privacy Insurance Personal data Access 92

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective. Additional guidance.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

HL Chronicle of Data Protection

FEBRUARY 25, 2020

It applies to any “Covered Entity,” which is defined broadly to include “any Person operating under or required to operate under a license, registration, charter, certificate, permit, accreditation or similar authorization under the Banking Law, the Insurance Law or the Financial Services Law.”

Cybersecurity 104

Cybersecurity Financial Services Data breaches Insurance 104

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. According to the consent order, the matter began when NSC reported a cybersecurity event to NYDFS on October 23, 2019. The second incident occurred in March of 2019.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Data Protection Report

APRIL 7, 2022

CafePress included in its email responses to consumers’ commonly asked questions, “CafePress.com also pledges to use the best and most accepted methods and technologies to insure [sic] your personal information is safe and secure.” In addition, CafePress stated that it was in compliance with the U.S.-E.U. Privacy Shield.

Privacy 114

Privacy Compliance Insurance Data collection 114

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 66

Financial Services Cybersecurity Insurance Risk 66

Data Protection Report

APRIL 30, 2024

As part of the order, the company agreed to post “clearly and conspicuously” on its websites and apps for the next two years: Between October 2019 and [date], we shared the personal of information of consumers visiting our website and apps with other companies without their permission.

Personal data 85

Personal data Privacy Information governance Compliance 85

Security Affairs

MAY 1, 2020

The hackers claim to have compromised the Banco BCR’s network in August 2019, and had the opportunity to exfiltrate its information before encrypting the files. Banco BCR has yet to disclose the security breach. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link].

Ransomware 140

Ransomware Encryption Insurance Data breaches 140

Security Affairs

JANUARY 21, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . According to a joint report published by RiskIQ and FlashPoint in 2019 , some groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated. The malware was completely removed on November 11, 2019.

Data breaches 108

Data breaches Retail Cloud Insurance 108

Hunton Privacy

OCTOBER 25, 2022

On October 24, 2022, the UK Information Commissioner’s Office (“ICO”) issued a £4.4 million fine to Interserve Group Limited for failing to keep employee personal data secure, which violates Article 5(1)(f) and Article 32 of the EU General Data Protection Regulation (“GDPR”), during the period of March 2019 to December 2020.

Security 97

Security Personal data GDPR Insurance 97

Security Affairs

MAY 9, 2020

BEC attacks continue to threaten organizations worldwide, according to the last Internet Crime Complaint Center (IC3) report , the FBI recorded 23,775 BEC attacks in 2019 that resulted in an estimated US$1.77 Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. billion in global losses.

Government 68

Government Energy and Utilities Insurance Phishing 68

Security Affairs

SEPTEMBER 10, 2020

These images include a screenshot of folders on a SeaChange server compromised by the gang, insurance certificates, a driver’s license, and a cover letter for a proposal sent to the Pentagon. “In the first quarter of fiscal 2021, we experienced a ransomware attack on our information technology system,” reads the report.

Ransomware 69

Ransomware Data breaches Insurance Encryption 69

IT Governance

NOVEMBER 20, 2023

According to databreaches.net , the group exfiltrated tenant information, service management information, financial data, business data, property data, employee data and sensitive business information. For more information about the SEC cyber security disclosure rules, register for our free webinar on 30 November.)

Data Privacy 52

Data Privacy Privacy Data breaches Security 52

Security Affairs

JUNE 20, 2019

The internal IT staff has been working with security consultants to restore the operations, but according to them the only way to decrypt the information was to pay the ransom. . On Monday, city officials participating to a rapid meeting unanimously voted to use the city’s insurance to pay a ransom of 65 bitcoins (~$603,000).

Insurance 94

Insurance Ransomware Encryption Government 94

Security Affairs

APRIL 8, 2021

The cardshop has been operating since at least April 2019, and by March 2021, it had more than 12K user base and over 600K payment card records on sale. The analysis of the freshly exposed database found that the information was new as it indicated the latest user activity timestamps. ever since.

Passwords 109

Passwords Insurance Personal data Sales 109

Security Affairs

JUNE 26, 2019

“On Monday June 10th, 2019, the City of Lake City was targeted by a malware attack known as ‘Triple Threat.'” Crooks made a request of a ransom a week after the initial infection, they contacted the Lake City’s insurance provider, the League of Cities, which negotiated a payment of 42 bitcoins.

Ransomware 97

Ransomware Insurance Government IT 97

Data Protection Report

FEBRUARY 8, 2022

In total, information for approximately 2.1 In total, information for approximately 2.1 The latter is the 2019 data security law known as the Stop Hacks and Improve Electronic Data Security (SHIELD) Act. EyeMed neither admitted nor denied the AG’s findings in the settlement. Background.

Passwords 98

Passwords Financial Services Authentication Insurance 98

IT Governance

JULY 11, 2019

That’s a question more organisations are having to ask themselves nowadays, with at least 55 ransomware attacks reported in the first half of 2019. This might seem futile – the police will almost certainly be unable to recover your data, let alone catch the crooks – but evidence of the attack is necessary for filing a cyber insurance claim.

Ransomware 89

Ransomware Insurance Encryption Paper 89

Security Affairs

NOVEMBER 8, 2020

billion in revenue for 2019. According to a “Security Incident” notification issued this week by the company, it first became aware of the hack on August 9 and, after investigating the attack, determined on August 28 that the threat actors gained access to patients’ personal information. Luxottica Group S.p.A.

Data breaches 80

Data breaches Insurance Retail Ransomware 80

Security Affairs

OCTOBER 13, 2019

The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. ” continues the post.

Ransomware 80

Ransomware Insurance Paper Government 80