eSecurity Planet

AUGUST 27, 2021

BitSight is a Leader in the Forrester Wave report for Cybersecurity Risk Rating Platforms in 2021. Black Kite is a Contender in the Forrester Wave report for Cybersecurity Risk Rating Platforms in 2021. A bonafide unicorn , OneTrust launched in 2016 to offer privacy management and marketing compliance solutions. ServiceNow VRM.

Risk 130

Risk Compliance Marketing Cybersecurity 130

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

IT Governance

SEPTEMBER 1, 2021

Travel and medical insurance provider guard.me Travel and medical insurance provider guard.me The post List of data breaches and cyber attacks in August 2021 – 61 million records breached appeared first on IT Governance UK Blog. Cyber attacks. Ransomware. Data breaches. Financial information. In other news…. Cyber attacks.

Data breaches 140

Data breaches Ransomware Insurance Data migration 140

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches. Uniform Personal Data Protection Act.

Data breaches 86

Data breaches Privacy Personal data Data Privacy 86

IT Governance

NOVEMBER 1, 2021

And don’t forget to check out our Q3 2021 data breaches and cyber attacks quarterly review , in which we take a closer look at the information gathered in our monthly lists. The post List of data breaches and cyber attacks in October 2021 – 51.2 Cyber attacks. Ransomware. Data breaches.

Data breaches 115

Data breaches Ransomware Government Education 115

IT Governance

JULY 1, 2021

We found a comparatively low 9,780,931 breached records from publicly disclosed security incidents in June 2021. The post List of data breaches and cyber attacks in June 2021 – 9.8 But don’t be fooled by that number – it comes from 106 incidents, which is roughly average for the year. million drivers’ details (3.3

Data breaches 129

Data breaches Ransomware Computer and Electronics Retail 129

Hunton Privacy

OCTOBER 6, 2021

On September 30, 2021, the U.S. Department of Health and Human Services’ (“HHS”) Office for Civil Rights (“OCR”) issued guidance regarding when the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy Rule applies to disclosures and requests for information about a person’s COVID-19 vaccination status.

Privacy 108

Privacy Insurance IT 108

Hunton Privacy

JULY 1, 2022

(“Carnival”), the world’s largest cruise-ship operator, for violations of the Cybersecurity Regulation (23 NYCRR Part 500) in connection with four cybersecurity events between 2019 and 2021, including two ransomware events. .

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

IT Governance

APRIL 1, 2021

The post List of data breaches and cyber attacks in March 2021 – 21 million records breached appeared first on IT Governance UK Blog. hit by cyber criminals (7.3 Financial information.

Data breaches 125

Data breaches Ransomware Manufacturing e-Delivery 125

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. Traditionally, privacy has taken the form of a policy document created, housed, and referenced by the offices of general counsel and compliance at most organizations. Data privacy is not a check-the-box compliance or security item. In the Dec.

Data Privacy 118

Data Privacy Privacy Security Encryption 118

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. 1. NAIC to Develop New Privacy Model Law. This post summarizes the highlights from this meeting in addition to interim meetings held in lieu of taking place during the Summer Meeting.

Insurance 78

Insurance Paper Privacy Risk 78

Hunton Privacy

OCTOBER 15, 2021

On October 12, 2021, New Jersey Acting Attorney General Andrew J. The Division of Consumer Affairs alleged that the fertility clinic violated the New Jersey Consumer Fraud Act and the federal Health Insurance Portability and Accountability Act’s (“HIPAA”) Privacy and Security Rules by removing protected health information (“PHI”) safeguards.

Data breaches 103

Data breaches Privacy Information Security Insurance 103

eSecurity Planet

JANUARY 21, 2021

Data privacy regulations like the EU’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) can be hard to navigate for businesses of any size, but GRC tools can simplify and streamline compliance with all of the requirements. Privacy governance and management. Riskonnect. Back to top.

Compliance 67

Compliance Risk Government Retail 67

IT Governance

NOVEMBER 28, 2023

The dashboard was first spotted in June 2021. The post The Week in Cyber Security and Data Privacy: 20 – 26 November 2023 appeared first on IT Governance UK Blog. Breached records: more than 56 million. In the meantime, if you missed it, check out last week’s round-up.

Data Privacy 52

Data Privacy Privacy Energy and Utilities Data breaches 52

IT Governance

FEBRUARY 14, 2024

Compromised data includes policyholders’ and their families’ civil status, dates of birth and social security numbers, as well as the name of their health insurer and information relating to their contracts. The previous record figure – $983 million – was set in 2021. GB Signature Performance, Inc.

Data Privacy 52

Data Privacy Manufacturing Privacy Security 52

Security Affairs

NOVEMBER 8, 2023

The company notified law enforcement authorities, including local police departments, Ontario Provincial Police, Interpol and the FBI, and all relevant regulatory organizations including the Ontario Information and Privacy Commissioner. Bluewater Health hospital confirmed that threat actors stole a database containing information on 5.6

Ransomware 117

Ransomware Insurance Access Phishing 117

Security Affairs

NOVEMBER 10, 2023

Exposed information varied by individual and may include some combination of certain individuals’ names, social Security number, health insurance information, date of birth, and medical information. Protecting the privacy and interests of your customers is nothing more than lip service. million of their patients.

Data breaches 111

Data breaches Ransomware Insurance Manufacturing 111

DLA Piper Privacy Matters

AUGUST 23, 2021

In good news for organisations handling personal information, China’s Personal Information Protection Law (“ PIPL ”) was finalised on 20 August 2021, and will come into force on 1 November 2021. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

Data Protection Report

DECEMBER 8, 2022

Norton Rose Fulbright Canada’s cyber litigation team recently obtained an order in favour of an insurer, granting it relief from forfeiture in respect of more than 11 bitcoins from the assets seized from a prolific ransomware gang. [1] In early 2021, Sebastien Vachon-Desjardins was apprehended by the RCMP.

Ransomware 98

Ransomware Insurance IT Data breaches 98

IT Governance

OCTOBER 31, 2023

Publicly disclosed data breaches and cyber attacks France says Russian state hackers breached numerous critical networks Date of breach: From second half of 2021 (reported 26 October 2023). The post The Week in Cyber Security and Data Privacy: 23–29 October 2023 appeared first on IT Governance UK Blog.

Data Privacy 52

Data Privacy Privacy Security Data breaches 52

Data Matters

AUGUST 30, 2021

Through its announcement of settled charges against Pearson plc (Pearson) on August 16, 2021, the U.S. 2 The SEC’s Pearson Order follows its June 2021 announcement that it had settled charges against First American Title Insurance Company (First American) for cybersecurity disclosure control failures. 16, 2021).

Cybersecurity 94

Cybersecurity Risk Data Privacy Passwords 94

Hunton Privacy

FEBRUARY 22, 2021

The NYDFS learned of the threat after receiving reports from auto insurers that cybercriminals were targeting their premium quote sites to steal driver’s license numbers. NYDFS attributes the growing threat activity, in part, to heightened fraud during the COVID-19 pandemic.

Financial Services 86

Financial Services Insurance Cybersecurity Analytics 86

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

Hunton Privacy

SEPTEMBER 22, 2022

OCR alleged that, on March 31, 2021, a specimen containing PHI was found by a third-party security guard in the parking lot of the New England Dermatology and Laser Center (“NEDLC”). First, NEDLC allegedly failed to maintain appropriate safeguards to protect the privacy of PHI,” as required by 45 C.F.R. Designation of Privacy Official.

Privacy 58

Privacy Compliance Insurance IT 58

Hunton Privacy

MAY 29, 2020

2019) (the “PDPA”) has been delayed until May 31, 2021. If any data controller is unsure as to whether it falls within the scope of those listed in the Royal Decree as being exempt from compliance with the PDPA until May 31, 2021, it may seek advice from the Personal Data Protection Committee. 2563 (2020) (the “Royal Decree”).

Personal data 84

Personal data Compliance Insurance IT 84

Data Matters

SEPTEMBER 3, 2020

The National Association of Insurance Commissioners (NAIC) held its Summer 2020 National Meeting (Summer Meeting) from July 27 to August 14, 2020. NAIC Considers Comments to the Group Capital Calculation Template and Instructions and Related Revisions to the Insurance Holding Company Act . GCC Template and Instructions.

Insurance 66

Insurance Paper Artificial Intelligence Big data 66

IT Governance

JUNE 1, 2023

We break down the month’s cyber security landscape for each month, and you can find more information about our list and the biggest security incidents of the month. million) Clinical test data stolen from biotech company Enzo Biochem (2.47 million) Apria Healthcare suffers security breach (1.8

Data breaches 92

Data breaches Ransomware Insurance Personal data 92

Thales Cloud Protection & Licensing

NOVEMBER 9, 2021

Tue, 11/09/2021 - 11:20. The increasing legal exposure for global enterprises that need to comply with more and more security privacy regulations. This trust is transformed into value because when the overall risk is decreasing, the cyber insurance cost is reduced as well. This is called shared fate.

Cloud 123

Cloud Security Encryption Insurance 123

DLA Piper Privacy Matters

FEBRUARY 28, 2022

The Data Protection Commission (DPC) has published its 2021 Annual Report , highlighting key observations, emerging guidance, and large-scale inquiries and decisions of 2021. The DPC received a total of 6,549 valid notifications of personal data breaches in 2021. Complaints Handling.

Financial Services 97

Financial Services Data breaches Personal data Compliance 97

Hunton Privacy

SEPTEMBER 17, 2021

On September 13, 2021, the Federal Trade Commission published final revisions to five rules promulgated pursuant to the Fair Credit Reporting Act (“FCRA”), to clarify that the rules apply only to motor vehicle dealers. The final revisions were made to bring the rules in line with the Dodd-Frank Wall Street Reform and Consumer Protection Act.

Insurance 128

Insurance Marketing Risk IT 128

IT Governance

JUNE 1, 2022

State Bar of Georgia investigating cyber attack (unknown) US Department of Defense tricked into paying $23.5 If you’re facing a cyber security disaster, IT Governance is here to help. Our Cyber Incident Response service provides the help you need to deal with the threat, as our experts guide you through the recovery process. Financial information.

Data breaches 125

Data breaches Ransomware Phishing Education 125

Data Matters

JUNE 24, 2021

On June 15, 2021, the SEC announced settled charges against First American Title Insurance Company (First American) for disclosure controls and procedures violations related to a cybersecurity vulnerability that exposed sensitive customer information. This resolution highlights the SEC’s continued focus on cybersecurity. 20, 2017).

Cybersecurity 66

Cybersecurity Financial Services Risk Compliance 66

Data Protection Report

APRIL 7, 2022

The first regulator was the French data protection authority, the CNIL, in 2021, which we wrote about here. Privacy Shield. As we noted at the top, the FTC joins a growing list of regulators who are purposefully emphasizing the over retention of data as being its own independent privacy failure and a reason for the $500,000 payment.

Privacy 114

Privacy Compliance Insurance Data collection 114

Data Protection Report

NOVEMBER 16, 2022

2022 has been a record year for Illinois Biometric Information Privacy Act (“BIPA”) litigation. Since its enactment in 2008, BIPA has been one of the most litigated privacy-related laws with some of the highest penalties. 2021 IL App (1st) 200563, addressed the question of statute of limitations for BIPA claims.

Financial Services 98

Financial Services Privacy Compliance Insurance 98

Hunton Privacy

JULY 16, 2021

On July 13, 2021, federal bank regulators – the Board of Governors of the Federal Reserve System (the “Board”), the Federal Deposit Insurance Corporation (“FDIC”) and the Office of the Comptroller of the Currency (“OCC”) (collectively, the “Regulators”) – requested public comment on proposed joint guidance regarding banking organizations’ management (..)

Risk 81

Risk Insurance Sales Encryption 81

Data Protection Report

OCTOBER 3, 2021

Effective October 1, 2021, an amendment [1] to the Connecticut General Statute concerning data privacy breaches, Section 36a-701b, will impact notification obligations in several significant ways.

Data breaches 142

Data breaches IT Insurance Passwords 142

Data Matters

OCTOBER 12, 2021

As articulated in President Biden’s May 2021 Executive Order , Improving the Nation’s Cybersecurity , “[t]he United States faces persistent and increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.”

Data breaches 94

Data breaches Security Compliance Cloud 94