2019, Insurance and Security - Information Management Today

Arthur J. Gallagher (AJG) insurance giant discloses ransomware attack

Security Affairs

SEPTEMBER 29, 2020

Gallagher (AJG) insurance giant disclosed a ransomware attack, the security breach took place on Saturday. Gallagher (AJG) global insurance brokerage firm confirmed that it was his with a ransomware attack on Saturday, September 26. US-based Arthur J. US-based Arthur J. Gallagher & Co. Pierluigi Paganini. The post Arthur J.

Insurance

Insurance Ransomware Data breaches Cybersecurity

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. The experts detected 8.3

Insurance

Insurance Data breaches Financial Services Passwords

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Krebs on Security

MAY 24, 2019

The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. based First American is a leading provider of title insurance and settlement services to the real estate and mortgage industries. We are currently evaluating what effect, if any, this had on the security of customer information.

Insurance

Insurance Authentication Mining Sales

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Thousands of Humana customers have their medical data leaked online by threat actors

Security Affairs

JULY 21, 2021

Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database containing what appears to be highly sensitive health insurance data of more than 6,000 patients has been leaked on a popular hacker forum. What was leaked? Drug prescription listings).

Insurance

Insurance Passwords Libraries Access

Experian’s Credit Freeze Security is Still a Joke

Krebs on Security

APRIL 26, 2021

Last week, KrebsOnSecurity heard from a reader who had his freeze thawed without authorization through Experian’s website, and it reminded me of how truly broken authentication and security remains in the credit bureau space. “They’re allowing this huge security gap so they can make a profit. .”

Security

Security Authentication Access Insurance

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. billion in 2019.

Insurance

Insurance Financial Services Mining Access

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

Passwords

Passwords Access Insurance Government

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Security Affairs

APRIL 24, 2020

Experts from BadPackets pointed out that attackers might have exploited the Pulse Secure VPN CVE-2019-11510 to compromise the company. BadPackets reported that SeaChange had a Pulse Secure VPN server ( [link] ) vulnerable to CVE-2019-11510 from April 24, 2019 until March 24, 2020. Pierluigi Paganini.

Ransomware

Ransomware Insurance Data breaches Encryption

Volkswagen discloses data breach, 3.3 million customers impacted

Security Affairs

JUNE 12, 2021

The security breach affected a subsidiary Audi and authorized dealers in the U.S. According to a letter sent by the company to the Maine Attorney General and reported by TechCrunch , the subsidiary company left customer data spanning 2014 to 2019 unsecured online between August 2019 and May 2021. million of its customers.

Data breaches

Data breaches Sales Insurance Marketing

Vertafore data breach exposed data of 27.7 million Texas drivers

Security Affairs

NOVEMBER 13, 2020

The company disclosed this security breach this week, data was stored on an unsecured external storage service and they were accessed by an external party. The company pointed out that the data breach did not expose Social Security numbers or financial account information. million Texas drivers appeared first on Security Affairs.

Data breaches

Data breaches Insurance Access Security

First American Financial Pays Farcical $500K Fine

Krebs on Security

JUNE 18, 2021

In May 2019, KrebsOnSecurity broke the news that the website of mortgage settlement giant First American Financial Corp. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000. This week, the U.S. billion last year.

Insurance

Insurance Risk Financial Services Mining

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Krebs on Security

AUGUST 14, 2020

billion in 2019. The “RCM” portion of its name refers to “revenue cycle management,” an industry which tracks profits throughout the life cycle of each patient, including patient registration, insurance and benefit verification, medical treatment documentation, and bill preparation and collection from patients.

Ransomware

Ransomware Insurance Phishing IT

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

The Iranian hacker group has been attacking corporate VPNs over the past months, they have been hacking VPN servers to plant backdoors in companies around the world targeting Pulse Secure , Fortinet , Palo Alto Networks , and Citrix VPNs. ” reads the report published by Crowdstrike. Pierluigi Paganini. Pierluigi Paganini.

Access

Access Financial Services Retail Insurance

Healthcare giant Magellan Health discloses data breach after ransomware attack

Security Affairs

MAY 13, 2020

Magellan Health, a for-profit managed health care and insurance firm, was the victim of a ransomware attack. Magellan Health is a for-profit managed health care and insurance firm that ranks 417 on the Fortune 500 list of the largest US corporations by total revenue. Magellan Health Inc. Pierluigi Paganini.

Data breaches

Data breaches Ransomware Insurance Passwords

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . According to a joint report published by RiskIQ and FlashPoint in 2019 , some groups are more advanced than others, in particular, the gang tracked as Group 4 appears to be very sophisticated. The malware was completely removed on November 11, 2019.

Data breaches

Data breaches Retail Cloud Insurance

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Security Affairs

MAY 1, 2020

The hackers claim to have compromised the Banco BCR’s network in August 2019, and had the opportunity to exfiltrate its information before encrypting the files. Banco BCR has yet to disclose the security breach. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link].

Ransomware

Ransomware Encryption Insurance Data breaches

Ransomware attack on MGM Resorts costs $110 Million

Security Affairs

OCTOBER 6, 2023

Specifically, the Company estimates a negative impact from the cyber security issue in September of approximately $100 million to Adjusted Property EBITDAR for the Las Vegas Strip Resorts and Regional Operations, collectively.” For a limited number of customers, Social Security numbers and passport numbers were exposed.

Ransomware

Ransomware Insurance Cybersecurity IT

Threat actors offer for sale data for 50 millions of Moscow drivers

Security Affairs

OCTOBER 24, 2021

Stolen data spans from 2006 and 2019, local media outlets have confirmed their authenticity. “The cybercriminals put up for sale for $ 800 a database of 50 million lines with the data of drivers that were registered in Moscow and the Moscow region from 2006 to 2019. . ” continues the post. Pierluigi Paganini.

Sales

Sales Insurance Analytics Authentication

Zurich chief warned that cyber attacks will become uninsurable

Security Affairs

DECEMBER 28, 2022

The chief executive of insurance giant Zurich warns that cyber attacks, rather than natural catastrophes, will become uninsurable. Mario Greco, chief executive of insurer giant Zurich, has warned that cyber attacks will become soon “uninsurable.”. What will become uninsurable is going to be cyber,” Mario Greco told the Financial Times.

Insurance

Insurance Risk Ransomware IT

NY Investigates Exposure of 885 Million Mortgage Documents

Krebs on Security

MAY 31, 2019

That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful. No authentication was needed to access the digitized records.

Financial Services

Financial Services Insurance Sales Authentication

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

In 2019, Burkov was accused of running the online criminal marketplace, Cardplanet, according to the investigators, the site helped crooks to organize more than $20 million in credit card fraud. The membership also requested a sum of money, normally $5,000, as insurance. Pierluigi Paganini. SecurityAffairs – hacking, Cardplanet).

Marketing

Marketing Sales Insurance Access

SeaChange video delivery provider discloses REVIL ransomware attack

Security Affairs

SEPTEMBER 10, 2020

These images include a screenshot of folders on a SeaChange server compromised by the gang, insurance certificates, a driver’s license, and a cover letter for a proposal sent to the Pentagon. BadPackets reported that SeaChange had a Pulse Secure VPN server ( [link] ) vulnerable to CVE-2019-11510 from April 24, 2019 until March 24, 2020.

Ransomware

Ransomware Data breaches Insurance Encryption

Hackers breached into system that interacts with HealthCare.gov

Security Affairs

OCTOBER 21, 2018

. “The system that was hacked is used by insurance agents and brokers to directly enroll customers. Starting November 1, people can log in to HealthCare.gov, fill out an application, and enroll in a 2019 Marketplace health plan. All other sign-up systems are working.” Pierluigi Paganini.

Insurance

Insurance Personal data Access Security

The Riviera Beach City pays $600,000 in ransom

Security Affairs

JUNE 20, 2019

The internal IT staff has been working with security consultants to restore the operations, but according to them the only way to decrypt the information was to pay the ransom. . On Monday, city officials participating to a rapid meeting unanimously voted to use the city’s insurance to pay a ransom of 65 bitcoins (~$603,000).

Ransomware

Ransomware Insurance Encryption Government

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

MAY 9, 2020

BEC attacks continue to threaten organizations worldwide, according to the last Internet Crime Complaint Center (IC3) report , the FBI recorded 23,775 BEC attacks in 2019 that resulted in an estimated US$1.77 Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. billion in global losses.

Government

Government Energy and Utilities Insurance Phishing

DoJ indicted a member of China-based hacking group behind Anthem hack

Security Affairs

MAY 9, 2019

The group is also responsible for the 2015 Health Insurer Anthem data breach. The US Department of Justice indicted Fujie Wang (32), a member of sophisticated Chinese hacking group that breached at several US companies, including the health insurer Anthem Inc. back in 2015. ” reads the press release published by DoJ.

Insurance

Insurance Data breaches Phishing Privacy

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Krebs on Security

JUNE 4, 2019

Securities and Exchange Commission , LabCorp. 1, 2018 and March 30, 2019. AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.” But today’s disclosure by LabCorp. In a filing today with the U.S. ” ANALYSIS.

Insurance

Insurance Security Data Privacy Access

Tens of Million patients impacted by the AMCA data breach

Security Affairs

JUNE 5, 2019

Securities and Exchange Commission (SEC) Quest revealed that the attackers broke into the web payment portal of the American Medical Collection Agency between August 1, 2018 and March 30, 2019. The security breach has impacted roughly 12 million of Quest Diagnostics ‘ patients and roughly 7.7 A filing with the U.S.

Data breaches

Data breaches Insurance Sales Security

Lake City agreed to pay $500,000 in ransom, is the second case in Florida in a week

Security Affairs

JUNE 26, 2019

“On Monday June 10th, 2019, the City of Lake City was targeted by a malware attack known as ‘Triple Threat.'” Crooks made a request of a ransom a week after the initial infection, they contacted the Lake City’s insurance provider, the League of Cities, which negotiated a payment of 42 bitcoins.

Ransomware

Ransomware Insurance Government IT

Hackers Steal $41 Million worth of Bitcoin from Binance Exchange

Security Affairs

MAY 8, 2019

The good news for the customers is that its Secure Asset Fund for Users ( SAFU ) emergency insurance fund will cover the incident in full. “We have discovered a large scale security breach today, May 7, 2019 at 17:15:24 (UTC). . — CZ Binance (@cz_binance) May 8, 2019. Pierluigi Paganini.

Data breaches

Data breaches Phishing Insurance Authentication

Crooks stole millions from Bitrue Cryptocurrency Exchange

Security Affairs

JUNE 27, 2019

Dear Bitrue Users, First of all, please let us assure you that this situation is under control, 100% of lost funds will be returned to users, and we are reviewing our security measures and policies to ensure this does not happen again. — Bitrue (@BitrueOfficial) June 27, 2019. — Bitrue (@BitrueOfficial) June 27, 2019.

Insurance

Insurance Risk Access Security

Experts: Breach at IT Outsourcing Giant Wipro

Krebs on Security

APRIL 15, 2019

The security experts said Wipro’s customers traced malicious and suspicious network reconnaissance activity back to partner systems that were communicating directly with Wipro’s network. “Wipro has a multilayer security system,” the company wrote. On Friday, Apr. “A total of 44.4 “A total of 44.4

IT

IT Insurance Communications Phishing

Medical info of 49,351 patients exposed in Alomere Health hospital breach

Security Affairs

JANUARY 7, 2020

Exposed data include names, addresses, dates of birth, medical record numbers, health insurance information and diagnosis and treatment details information. Attackers also accessed Social Security numbers and driver’s license numbers for some patients. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Insurance

Insurance Access Security IT

US DoJ charges Iranian hackers for attacks on US satellite companies

Security Affairs

SEPTEMBER 18, 2020

The hacking campaign has been active since July 2015 and continued until at least February 2019. . According to a recently published CISA’s report , Iranian hackers from an unnamed APT group are employing several known web shells, in attacks on IT, government, healthcare, financial, and insurance organizations across the United States.

Government

Government Insurance Phishing Security

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

I had the chance at RSA 2019 to visit with George Wrenn, founder and CEO of CyberSaint Security , a cybersecurity software firm that plays directly in this space. Then you have the folks whose security programs have run out of steam and they’re looking for a way to prove that they’re doing due care,” Wrenn said.

Cybersecurity

Cybersecurity Insurance Security Privacy

Oregon Department of Human Services data breach impacted 645,000 clients

Security Affairs

JUNE 20, 2019

.” Individuals impacted by the data breach were enrolled in the department’s welfare and children services programs at the time of the security incident. The department was hit by a phishing campaign on January 8, 2019, and at least nine employees have been deceived in the attack. ” reads the Associated Press.

Data breaches

Data breaches Phishing Insurance Risk

Group-IB presents its annual report on global threats to stability in cyberspace

Security Affairs

NOVEMBER 29, 2019

Group-IB, has analyzed key recent changes to the global cyberthreat landscape in the “Hi-Tech Crime Trends 2019/2020” report. According to Group-IB’s experts, the most frustrating trend of 2019 was the use of cyberweapons in military operations. As for 2019, it has become the year of covert military operations in cyberspace.

IT

IT Military Cybersecurity Phishing

First American Financial exposed 16 years’ worth of personal and financial documents

Security Affairs

MAY 27, 2019

The US real-estate insurance biz, First American Financial, accidentally leaked customers’ highly personal files online, hundreds of millions of documents. The US real-estate insurance company First American Financial Corp. At the time of writing, First American Financial has updated its website and secured the documents.

Insurance

Insurance Access Security Privacy

New Hampshire Governor Signs Insurance Data Security Law

Hunton Privacy

AUGUST 6, 2019

On August 2, 2019, New Hampshire Governor Chris Sununu signed into law SB 194 (the “Bill”), which requires insurers licensed in the state (“licensees”) to put in place data security programs and report cybersecurity events. Key provisions of the Bill include: Information Security Program. Incident Response Plan.

Insurance

Insurance Security Cybersecurity Information Security

Alabama Hospital chain paid ransom to resume operations after ransomware attack

Security Affairs

OCTOBER 13, 2019

The hospital chain hasn’t revealed the amount it has paid to the crooks to decrypt the data, it seems that an insurance covered the cost. “As time goes by, and we determine the full impact of this, we will be very grateful we had cyber insurance in place.” ” continues the post. Pierluigi Paganini.

Ransomware

Ransomware Insurance Paper Government

The city of Racine was offline following a ransomware attack

Security Affairs

FEBRUARY 4, 2020

“MIS worked over the weekend with the city’s cybersecurity insurer “to develop a detailed plan to restore and recover systems without spreading the ransomware,” according to a statement from Powell. “We The post The city of Racine was offline following a ransomware attack appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Government Insurance Cybersecurity

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Security Affairs

APRIL 8, 2021

The cardshop has been operating since at least April 2019, and by March 2021, it had more than 12K user base and over 600K payment card records on sale. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The total amount deposited on all the accounts was at $18,145.73 ever since. Pierluigi Paganini.

Passwords

Passwords Insurance Personal data Sales

Myrocket HR platform’s data leak turns into privacy nightmare for employees

Security Affairs

JANUARY 18, 2023

The security loophole resulted in millions of private documents being revealed to the public. Researchers found about 435,000 payslips, 300 tax filings, 3,800 insurance payment documents, and 21,000 salary sheets belonging to various companies using the HR platform’s services. adrotate banner=”5″].

Privacy

Privacy Insurance Personal data Access

Spike in “Chain Gang” Destructive Attacks on ATMs

Krebs on Security

JULY 9, 2021

Tracey Santor is the bond product manager for Travelers , which insures a large number of financial institutions against this type of crime. In 2019, the average amount stolen in a traditional bank robbery was just $1,797, according to the FBI. In nearly all cases, the perpetrators are done in less than five minutes.

Insurance

Insurance Mining IT Risk

Arthur J. Gallagher (AJG) insurance giant discloses ransomware attack

American Insurance firm State Farm victim of credential stuffing attacks

Webinars

Trending Sources

First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records

Webinars

Thousands of Humana customers have their medical data leaked online by threat actors

Experian’s Credit Freeze Security is Still a Joke

NY Charges First American Financial for Massive Data Leak

Hackers Were Inside Citrix for Five Months

SeaChange video delivery software solutions provider hit by Sodinokibi ransomware

Volkswagen discloses data breach, 3.3 million customers impacted

Vertafore data breach exposed data of 27.7 million Texas drivers

First American Financial Pays Farcical $500K Fine

Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Healthcare giant Magellan Health discloses data breach after ransomware attack

US-based children’s clothing maker Hanna Andersson discloses a data breach

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Ransomware attack on MGM Resorts costs $110 Million

Threat actors offer for sale data for 50 millions of Moscow drivers

Zurich chief warned that cyber attacks will become uninsurable

NY Investigates Exposure of 885 Million Mortgage Documents

The man behind Cardplanet credit card market sentenced to 9 years in prison

SeaChange video delivery provider discloses REVIL ransomware attack

Hackers breached into system that interacts with HealthCare.gov

The Riviera Beach City pays $600,000 in ransom

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

DoJ indicted a member of China-based hacking group behind Anthem hack

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Tens of Million patients impacted by the AMCA data breach

Lake City agreed to pay $500,000 in ransom, is the second case in Florida in a week

Hackers Steal $41 Million worth of Bitcoin from Binance Exchange

Crooks stole millions from Bitrue Cryptocurrency Exchange

Experts: Breach at IT Outsourcing Giant Wipro

Medical info of 49,351 patients exposed in Alomere Health hospital breach

US DoJ charges Iranian hackers for attacks on US satellite companies

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Oregon Department of Human Services data breach impacted 645,000 clients

Group-IB presents its annual report on global threats to stability in cyberspace

First American Financial exposed 16 years’ worth of personal and financial documents

New Hampshire Governor Signs Insurance Data Security Law

Alabama Hospital chain paid ransom to resume operations after ransomware attack

The city of Racine was offline following a ransomware attack

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Myrocket HR platform’s data leak turns into privacy nightmare for employees

Spike in “Chain Gang” Destructive Attacks on ATMs

Stay Connected