Data Protection Report

OCTOBER 17, 2024

On October 16, 2024, the New York Department of Financial Services (“NYDFS” or “DFS”) issued guidance raising awareness about combatting cybersecurity risks arising from artificial intelligence (“AI”) used by DFS licensees, such as insurers and virtual currency businesses.

Artificial Intelligence 56

Artificial Intelligence Financial Services Risk Cybersecurity 56

Thales Cloud Protection & Licensing

JANUARY 16, 2024

Key recommendations for Financial Services to improve cybersecurity and resilience in multi-clouds madhav Wed, 01/17/2024 - 05:46 The Digital Operational Resilience Act (DORA) will apply to the EU financial sector from 17 January 2025. As set out in its Article 2, DORA applies to the entire financial services sector.

Financial Services 83

Financial Services Cloud Cybersecurity Encryption 83

IBM Big Data Hub

DECEMBER 1, 2023

Insurers struggle to manage profitability while trying to grow their businesses and retain clients. Large, well-established insurance companies have a reputation of being very conservative in their decision making, and they have been slow to adopt new technologies.

Insurance 96

Insurance Digital transformation Customer Experience Cloud 96

Hunton Privacy

FEBRUARY 22, 2021

The NYDFS learned of the threat after receiving reports from auto insurers that cybercriminals were targeting their premium quote sites to steal driver’s license numbers. The NYDFS learned of the threat after receiving reports from auto insurers that cybercriminals were targeting their premium quote sites to steal driver’s license numbers.

Financial Services 86

Financial Services Insurance Cybersecurity Analytics 86

Data Breach Today

JANUARY 25, 2023

Former Bugcrowd, Cylance, Optiv, RSA Leader Focused on Expanding in Europe and Asia Privileged access management vendor Delinea has hired longtime RSA sales leader David Castignola to expand beyond North America as well as in nonregulated industries.

Financial Services 130

Financial Services Sales Insurance Access 130

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 66

Financial Services Cybersecurity Insurance Risk 66

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2

Insurance 313

Insurance Financial Services Mining Access 313

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Cybersecurity 62

Cybersecurity Financial Services Encryption Compliance 62

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July.

Insurance 102

Insurance Data breaches Financial Services Passwords 102

Security Affairs

AUGUST 20, 2024

In December 2023, Toyota Financial Services (TFS) warned customers it had suffered a data breach that exposed sensitive personal and financial data. Toyota Financial Services (TFS) is the finance arm of the Toyota Motor Corporation. The Medusa group has now published the stolen data on its Tor leak site.

Data breaches 113

Data breaches Financial Services Archiving Passwords 113

Krebs on Security

MAY 31, 2019

No authentication was needed to access the digitized records. On May 29, The New York Times reported that the inquiry by New York’s Department of Financial Services is likely to be followed by other investigations from regulators and law enforcement. ”

Financial Services 223

Financial Services Insurance Sales Authentication 223

Krebs on Security

JUNE 18, 2021

The SEC says First American derives nearly 92 percent of its revenue from its title insurance segment, earning $7.1 Title insurance protects homebuyers from the prospect of someone contesting their legitimacy as the new homeowner. Title insurance is not mandated by law, but most lenders require it as part of any mortgage transaction.

Insurance 297

Insurance Risk Financial Services Mining 297

Hunton Privacy

FEBRUARY 25, 2021

As reported on the Hunton Insurance Recovery blog , on February 4, 2021, the New York Department of Financial Services (“NYDFS”), which regulates the business of insurance in New York, has issued guidelines, in the Insurance Circular Letter No. sought coverage for expenses under its property insurance policy.

Insurance 70

Insurance Cybersecurity Risk Education 70

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Access 119

Access Financial Services Retail Insurance 119

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Reltio

JUNE 9, 2022

The insurance industry is facing unprecedented disruption. Insurance carriers have been called to transform customer experience, business offerings, and operations. As an insurer, your current business models are being challenged by new thinking, new competitors, and new ways of working.

Digital transformation 52

Digital transformation Insurance Customer Experience MDM 52

Data Matters

AUGUST 17, 2021

On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC)1 issued guidance establishing risk management principles and practices to support the authentication of users accessing a financial institution’s information systems and customers accessing a financial institution’s digital banking services (the Guidance).

Authentication 86

Authentication Access Risk Information Security 86

The Last Watchdog

SEPTEMBER 24, 2024

Credit monitoring services provide ongoing tracking of credit reports for suspicious activity, and some even offer insurance for identity theft-related losses. As breaches become more frequent, credit protection services become a more attractive option for those seeking peace of mind and financial security.

Authentication 215

Authentication IT ROT Compliance 215

The Last Watchdog

FEBRUARY 25, 2019

Related: Applying ‘zero trust’ to managed security services. So why hasn’t the corporate sector been more effective at locking down access for users? Here are takeaways from our fascinating discussion: Access pain points. It’s not for lack of trying. Efforts to balance security and productivity sometimes backfired.

Access 169

Access Government Authentication Data breaches 169

eSecurity Planet

SEPTEMBER 21, 2024

Health Insurance Portability & Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) sets standards for protecting sensitive health information, particularly electronic health records (EHRs). This includes administrative, physical, and technical safeguards like encryption and access controls.

Cybersecurity 120

Cybersecurity Computer and Electronics Compliance Privacy 120

Hunton Privacy

NOVEMBER 8, 2023

On November 1, 2023, New York Governor Hochul announced that the New York State Department of Financial Services (“NYDFS”) amended its Cybersecurity Regulation applicable to covered financial institutions. Our previous blog post covered key proposed changes to the Cyber Regulation.

Cybersecurity 72

Cybersecurity IT Compliance Financial Services 72

Data Protection Report

MARCH 7, 2024

A medical facility in the United States contracts with a company headquartered in a country of concern to provide IT-related services. The IT services provided under the contract involve access to the medical facility’s systems containing the bulk personal health data. Will there be some exempt financial transactions?

Access 59

Access Military Compliance Personal data 59

IBM Big Data Hub

SEPTEMBER 14, 2023

As enterprises modernize and migrate workloads to IBM Cloud, they often run into requirements that certain components of their application workloads to run on other cloud service provider networks. insurance, banking, healthcare, etc.)—to What are the different ways multicloud workloads can connect and communicate?

Cloud 70

Cloud Financial Services Insurance Compliance 70

OpenText Information Management

JULY 9, 2024

The financial services sector, long rooted in traditional methods and complex operations, is experiencing a dramatic transformation. Forget the outdated image of clunky fax machines—today’s digital fax and capture offer a sleek, efficient, and secure way to manage information in the modern financial world.

Paper 64

Paper Financial Services Blockchain Compliance 64

Data Protection Report

JUNE 2, 2021

On May 13, 2021, the New York Department of Financial Services (NYDFS) announced a $1.8 million settlement with two related insurance companies, relating to violations of two different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2019. NYDFS Cybersecurity Regulation. The Consent Order.

Cybersecurity 71

Cybersecurity Insurance Financial Services Phishing 71

Security Affairs

JUNE 29, 2024

IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries. The investigation determined that threat actors gained access to the company systems between October 29, 2023, and November 2, 2023.

Data breaches 105

Data breaches e-Discovery Ransomware Insurance 105

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. The agencies recommend that all users, without exception, must be authenticated with MFA for remote access to internal networks.

Cybersecurity 155

Cybersecurity Financial Services Authentication Government 155

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

IBM Big Data Hub

AUGUST 17, 2023

This technology has numerous potential applications in the financial services industry, supply chain management, voting systems and more. Also, CBDC can improve financial inclusion. billion people do not have access to basic financial services. According to the World Bank, around 1.7

Blockchain 70

Blockchain Financial Services Risk Authentication 70

The Last Watchdog

APRIL 3, 2019

Its customer base is comprised of eight of the top 15 banks, four of the top six healthcare insurance and managed care providers, nine of the top 15 property and casualty insurance providers, five of the top 13 pharmaceutical companies, and 11 of the largest 15 federal agencies. Users re-defined. Compliance matters.

Digital transformation 140

Digital transformation Insurance Compliance Healthcare 140

Thales Cloud Protection & Licensing

JANUARY 15, 2024

A new generation of Fintech players, as well as major regulatory changes regarding GDPR, KYC and AML have meant that Financial Supervision continues to evolve in our increasingly digitalised world. A changing financial world Today’s consumers value ease of use - and payments and online financial services are no exception.

Unstructured data 71

Unstructured data B2B Access Financial Services 71

Krebs on Security

NOVEMBER 19, 2021

One of the more common ways cybercriminals cash out access to bank accounts involves draining the victim’s funds via Zelle , a “peer-to-peer” (P2P) payment service used by many financial institutions that allows customers to quickly send cash to friends and family.

IT 360

IT Passwords Authentication Phishing 360

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. Source (New) Transport USA Yes 129,611 Tcman Source (New) Manufacturing Spain Yes 108 GB (179 files) Compass Group Italia Source (New) Hospitality Italy Yes 107 GB Pan-American Life Insurance Group, Inc.

Data Privacy 89

Data Privacy Energy and Utilities Privacy Manufacturing 89

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. billion web attacks globally; 736 million in the financial services sector. A: Everything.

Financial Services 178

Financial Services Passwords Data breaches Authentication 178

Security Affairs

JULY 6, 2020

Xchanging is a business process and technology services provider and integrator, which provides technology-enabled business services to the commercial insurance industry. Xchanging is primarily an insurance managed services business that operates on a standalone basis.”

Ransomware 98

Ransomware Insurance Financial Services Manufacturing 98

Data Protection Report

FEBRUARY 8, 2022

According to the settlement agreement, the threat actor obtained access to the EyeMed email account on approximately June 24, 2020 and not only obtained access to six years’ worth of information, but also began sending 2,000 phishing emails on July 1. EyeMed blocked the threat actor’s access on July 1. SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC’s investigation revealed that the unauthorized access to the employee’s MS O365 account occurred between September 13 and September 18, likely through phishing.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94