eSecurity Planet

SEPTEMBER 21, 2024

Health Insurance Portability & Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) sets standards for protecting sensitive health information, particularly electronic health records (EHRs). This includes administrative, physical, and technical safeguards like encryption and access controls.

Cybersecurity 120

Cybersecurity Computer and Electronics Compliance Privacy 120

eDiscovery Daily

AUGUST 4, 2023

By Catherine Ostheimer Being responsive to the growing number of Access Requests and DSARS as a local government organization can be daunting. Other burdens are resource constraints, including limited budgets, staff, and access to affordable technology. Educate and train staff. First, there’s the data management challenge.

Government 58

Government Access Insurance GDPR 58

Security Affairs

NOVEMBER 12, 2023

The software vulnerability was exploited by a group of cybercriminals and allowed them to access and download files belonging to certain agencies in the State of Maine between May 28, 2023, and May 29, 2023.” The type of data accessed by the threat actors varies on the individual and their association with the State.

Data breaches 136

Data breaches Insurance Education Cybersecurity 136

Security Affairs

SEPTEMBER 19, 2018

Security experts at Flashpoint discovered the availability of the access to over 3,000 compromised sites sold on Russian black marketplace MagBo. A new report published by researchers at Flashpoint revealed the availability on an underground hacking forum for Russian-speaking users of access to over 3,000 breached websites.

Access 107

Access Mining Insurance Sales 107

Security Affairs

MAY 1, 2023

Bitmarck, one of the largest IT service providers for social insurance carriers in Germany, announced yesterday that it has suffered a cyber attack. The incident impacted statutory health insurance companies that have their IT operated by BITMARCK.

IT 97

IT Insurance Data breaches Education 97

IT Governance

DECEMBER 5, 2023

It also appears that the data was accessed: the Readme bot “partially destroyed” the open instance, injecting a ransom note with a bitcoin wallet address to send a payment to in exchange for the files. Source (New) Education USA Yes 1,493 Kimber Mfg., Some payment card data was also exposed. Data breached: over 300 million records.

Data Privacy 92

Data Privacy Privacy Manufacturing Retail 92

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Source (New) Transport USA Yes 129,611 Tcman Source (New) Manufacturing Spain Yes 108 GB (179 files) Compass Group Italia Source (New) Hospitality Italy Yes 107 GB Pan-American Life Insurance Group, Inc.

Data Privacy 89

Data Privacy Energy and Utilities Privacy Manufacturing 89

Krebs on Security

AUGUST 5, 2024

. “For the longest time, they didn’t even want to cause a big headline, but they probably felt compelled to create that leaks site because they wanted to show they were serious and that they were going to post victim data and make it accessible.” Further reading: ThreatLabz ransomware report (PDF).

Ransomware 225

Ransomware Healthcare Insurance Cybersecurity 225

Krebs on Security

DECEMBER 8, 2022

Holden said the internal discussions among the Venus group members indicate this gang has no problem gaining access to victim organizations. Continuously educating and informing staff about the risks and methods used by cybercriminals to launch attacks and steal data. “They are targeting a lot of U.S. ”

Ransomware 283

Ransomware Metadata Insurance Encryption 283

Security Affairs

SEPTEMBER 13, 2024

The network also includes a children’s hospital, rehabilitation centers, and partnerships with academic institutions to support medical education and research. ” The investigation revealed that the ransomware gang had access to the personal data of at least 134,000 individuals, including cancer patients.

Data breaches 115

Data breaches Ransomware Insurance Education 115

Data Protection Report

MARCH 7, 2024

The IT services provided under the contract involve access to the medical facility’s systems containing the bulk personal health data. The software-development services provided by the covered person under the contract involve access to the bulk precise geolocation data and biometric identifiers. (at Example 22. person users.

Access 59

Access Military Compliance Personal data 59

Security Affairs

NOVEMBER 23, 2023

. “After a full reconstruction of our systems and historical data, the investigation determined on August 11, 2023 that an unauthorized actor exploited software vulnerabilities, accessed the MOVEit Transfer server on May 30, 2023, and exfiltrated certain data from the MOVEit Transfer server during that time. million Genworth 2.5

Data breaches 122

Data breaches Insurance Ransomware Education 122

AIIM

FEBRUARY 25, 2020

Hear Riley McIntosh from Pacific Life Insurance and Alison Clarke from OpenText talk about how Pacific Life took their Records Management program and transformed it from a risk-based program to an information value-based program using process efficiencies and automation. Click here to access our full library of episodes.

Records Management 104

Records Management Insurance Libraries Education 104

Hunton Privacy

OCTOBER 14, 2021

Additional bills, amending the California Confidentiality of Medical Information Act (“CMIA”) and the California Insurance Code, also were also signed into law. 3) a notice that the consumer’s deidentified genetic or phenotypic information may be shared with or disclosed to third parties for research purposes.

Privacy 98

Privacy Insurance Security Data breaches 98

The Last Watchdog

OCTOBER 5, 2023

Byron: Companies often underestimate threats, neglect basic cyber hygiene, and fail to educate employees on cybersecurity. Byron: It’s gone from simple file encryption to multifaceted, multi-staged attacks that leverage Dark Web services, such as initial access brokers (IABs,) as well as make use of Living off the Land (LotL) embedded tools.

Cybersecurity 203

Cybersecurity Privacy Cloud IoT 203

eSecurity Planet

JULY 12, 2022

Cyber Insurer Provides Help. As Spectra Logic had the foresight to take out cyber insurance , Chubb representatives were professional and helpful, according to Mendoza. Forensic analysis of the breach came to a quick conclusion – a phishing attempt had tricked a user with privileged access into clicking on a malicious link.

Ransomware 144

Ransomware Insurance Cybersecurity Passwords 144

Security Affairs

FEBRUARY 26, 2021

Inova is an actuarial consultancy company, which means they compile statistical analysis and calculate insurance risks and premiums. Document sent to the insurance company by the victim’s lawyer. These documents’ total size was more than 20GB, and it was accessible by anyone who found the S3 bucket.

Data breaches 118

Data breaches Insurance Paper Access 118

Security Affairs

AUGUST 14, 2023

The incident is the result of a MOVEit attack on IBM, threat actors accessed the personal and health information of the impacted individuals. HCPF’s primary focus is on providing access to affordable and quality healthcare services for eligible individuals and families. ” reads the reads the notice. by the company.

Data breaches 98

Data breaches Ransomware Education Access 98

Security Affairs

DECEMBER 16, 2023

Its mission is to improve the lives of people worldwide through research, clinical care and education. Threat actors had access to its infrastructure. Our forensic team is continuing to conduct an assessment of the data accessed and we will provide further updates as we have them.” ” reported the Seattle Times. “If

Ransomware 136

Ransomware Insurance Education Marketing 136

The Last Watchdog

DECEMBER 12, 2023

Ongoing education and skill development requires educating teams and ensuring employees become proactive contributors to organizational defense. Camellia Chan , Co-Founder and CEO, Flexxon Chan In a single month, major breaches hit MGM, DP World Australia, Philippine Health Insurance – just to name a few.

Cybersecurity 258

Cybersecurity Phishing Authentication Analytics 258

IT Governance

JANUARY 23, 2024

Source (New) Real estate USA Yes 46,906 Hampton-Newport News Community Services Board Source 1 ; source 2 ; source 3 (New) Healthcare USA Yes 44,312 Air Methods Source 1 ; source 2 (New) Healthcare USA Yes 34,016 GREYHOURS Source (New) Retail France Yes 18,700 Groveport Madison Schools Source 1 ; source 2 ; source 3 (Update) Education USA Yes 15.5

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

Adam Levin

JUNE 4, 2021

Exagrid paid the ransom May 13, after several days of negotiation with the attackers, who claimed to have had access to their systems for over a month. Practice the 3Ms: Minimize your risk of exposure: Don’t take unnecessary risks and invest in cyber defenses and education. medical and first responder networks over the last year.

Ransomware 115

Ransomware Insurance Education Risk 115

IT Governance

APRIL 22, 2024

GhostR says it obtained the records from a Singapore-based company with access to the database. Mobile Guardian, which is used to help parents manage their children’s device usage, was hacked on 19 April, according to the Singaporean Ministry of Education. Account records from the United States were also accessed.

Data Privacy 52

Data Privacy Privacy Manufacturing Security 52

IT Governance

JUNE 1, 2023

MCNA Insurance MCNA Insurance, also known as MCNA Dental, was caught up in a cyber hacking incident last week, in which 112 covered entities were affected. MCNA Insurance later confirmed that 8,923,662 people were affected in the incident and said the breach was a result of a ransomware attack. million people.

Data breaches 118

Data breaches Insurance Personal data Ransomware 118

Security Affairs

JULY 6, 2020

Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry. Xchanging is primarily an insurance managed services business that operates on a standalone basis.”

Ransomware 98

Ransomware Insurance Financial Services Manufacturing 98

IT Governance

MAY 3, 2022

Two staff fired for patient privacy breaches at Campbellford Memorial Hospital (500) Food delivery service Yandex blames insiders for data leak (unknown) Block confirms Cash App breach after former employee accessed customer data (8.2 million) Deaconess Health employee viewed women’s personal, medical data without cause (unknown).

Data breaches 124

Data breaches Ransomware Phishing Insurance 124

IT Governance

NOVEMBER 7, 2022

As a result, the personal data of 244,850 patients was compromised – which likely includes patients’ names and numbers, but protected health information such as dates of birth and health insurance numbers might also be affected. You can help educate your staff with IT Governance’s Phishing Staff Awareness Training Programme.

Phishing 115

Phishing Retail Data breaches Insurance 115

Hunton Privacy

SEPTEMBER 1, 2020

Not disclosing, subject to specified exceptions, a consumer’s genetic data to certain entities ( e.g. , those responsible for making decisions regarding health insurance, life insurance or employment). The bill is pending California Governor Gavin Newsom’s signature. Violations of the Act are subject to civil penalties.

Privacy 85

Privacy Insurance Marketing Information governance 85

AIIM

APRIL 3, 2019

In other places around the world, it means that information, and access to it, will become more readily available and can be accessed from anywhere around the world. This means that someone in Ghana can chat with someone in Chicago easily with uninterrupted access. This is what the Internet of Things truly boils down to.

IoT 166

IoT Education Access Insurance 166

Information Governance Perspectives

APRIL 5, 2023

John Danenberger, CPCU, is Corporate Counsel at State Farm Insurance and specializes in addressing emerging issues around telematics. In 2015, he successfully transitioned from a military career as a trial attorney for the JAG Corps to working in telematics in corporate America for State Farm Insurance.

Insurance 52

Insurance Military Manufacturing Artificial Intelligence 52

DLA Piper Privacy Matters

SEPTEMBER 14, 2021

These sectors include: insurance (both general and health insurance); groceries; loyalty schemes; non-bank lenders; superannuation; transport; government; health; education; and. agriculture. Sector designation. the potential for competition and innovation in the relevant sector and the Australian economy more broadly.

Agriculture 100

Agriculture Insurance Customer Experience Privacy 100

IT Governance

JANUARY 9, 2024

They accessed 41.5 million customers’ data having gained access via a vulnerability in Hathaway’s Laravel web application framework. million individuals affected HealthEC LLC, a health technology company, has announced that it suffered a data breach in July 2023, in which systems were accessed and files were copied.

Data Privacy 58

Data Privacy Privacy Data breaches Manufacturing 58

Hunton Privacy

JUNE 22, 2020

heath records or records of a wellness program or similar program of health promotion or disease prevention, a health care professional’s medical diagnosis or treatment of the consumer or a health insurance policy number. The law is enforceable by the Vermont Attorney General.

Data breaches 107

Data breaches Privacy Education Data Privacy 107

Hunton Privacy

APRIL 18, 2023

The bill also contains a number of exemptions, including exceptions for financial institutions, affiliates, and data subject to Title V of the Gramm-Leach-Bliley Act, covered entities and business associates under the Health Insurance Portability and Accountability Act of 1996, nonprofit organizations and institutions of higher education.

Privacy 132

Privacy Personal data Sales Insurance 132

IT Governance

DECEMBER 19, 2023

According to Delta Dental’s breach notification, affected personal data included addresses, Social Security numbers, driver’s license numbers or other state identification numbers, passport numbers, financial account information, tax identification numbers, individual health insurance policy numbers and health information. Wolasky P.A.

Data Privacy 52

Data Privacy Manufacturing Privacy Energy and Utilities 52

Security Affairs

SEPTEMBER 23, 2023

Once obtained access to the City’s network, the group performed reconnaissance and information-gathering activities using legitimate third-party remote management tools. “Royal’s initial access utilized the basic service domain service account, connecting to a server. ” reads the report.

Ransomware 129

Ransomware Encryption Systems administration Cybersecurity 129

IT Governance

OCTOBER 24, 2023

Incident details: An unauthorised party gained access to some employee email accounts and the information within them, including demographic, medical and financial information. It turned out that an unauthorised party had accessed and downloaded its business records, including files containing personal data.

Data Privacy 96

Data Privacy Privacy Security Data breaches 96