Analysis, Financial Services and Personal data - Information Management Today

DEEP TECH NEWS: Respecting individual rights by using ‘privacy preserving aggregate statistics’

The Last Watchdog

JANUARY 28, 2024

However, over the past 20 years the practice of analyzing user data hasn’t advanced much beyond serving the business models of these tech giants. However, this intensive ingestion of personal data points — in the absence of reasonable oversight — has triggered consumer anxiety , and rightly so.

Privacy

Privacy Data Privacy GDPR Personal data

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

According to a filing (PDF) by the New York State Department of Financial Services (DFS), the weakness that exposed the documents was first introduced during an application software update in May 2014 and went undetected for years. The documents were available without authentication to anyone with a Web browser.

Insurance

Insurance Financial Services Mining Access

Ireland: Large-scale inquiries progress as DPC budget and staff numbers ramp up

DLA Piper Privacy Matters

FEBRUARY 28, 2022

Primary areas of focus for the DPC in 2021 included the safeguarding of children’s data protection rights, progressing ongoing large-scale inquires and prioritising responding to complaints which have raised issues of substance, with a data subject centric approach to resolution. Our analysis of the WhatsApp decision can be read here.

Financial Services

Financial Services Data breaches Personal data Compliance

Webinars

Launching LLM-Based Products: From Concept to Cash in 90 Days

Driving Responsible Innovation: How to Navigate AI Governance & Data Privacy

MORE WEBINARS

Infosys McCamish Systems data breach impacted over 6 million people

Security Affairs

JUNE 29, 2024

Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals. IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries.

Data breaches

Data breaches e-Discovery Ransomware Insurance

The largest Russian bank Sberbank hit by a massive DDoS attack

Security Affairs

NOVEMBER 9, 2023

Sberbank , the Russian banking and financial services giant, announced that it was recently hit by a record-breaking distributed denial of service (DDoS) attack that reached 1 million RPS. We provide further analysis of this new Rapid Reset technique and discuss the evolution of Layer 7 attacks in a companion blog.”

Personal data

Personal data Financial Services Marketing Cloud

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

CISA and ENISA enhance their Cooperation CISA adds Qlik bugs to exploited vulnerabilities catalog Report: 2.6

Security

Security Data breaches Ransomware Artificial Intelligence

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

IT Governance

NOVEMBER 13, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The data included shoppers’ names, email addresses, phone numbers, countries of residence and membership numbers. The information mostly related to court proceedings.

Data Privacy

Data Privacy Privacy Security Data breaches

An ongoing Qbot campaign targeted customers of tens of US banks

Security Affairs

JUNE 18, 2020

financial institutions and two banks in Canada and the Netherlands. “Analysis of the latest Qbot campaign shows that it is mainly focused on the United States (see Figure 1), targeting approximately 36 U.S. financial institutions and two banks in Canada and the Netherlands;” reads the report published by F5 Labs.

Phishing

Phishing Financial Services Personal data Security

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

DLA Piper Privacy Matters

MARCH 30, 2023

Two-thirds of the GDPR fines issued by EU data protection authorities last year where from the DPC, illustrating a continued commitment to enforcement. Our analysis of the Meta (Instagram) decision can be read here. Of note is the DPC’s ongoing inquiry into the Department of Social Protection which commenced in 2021.

Personal data

Personal data GDPR Compliance Financial Services

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

If you’re in financial services, maybe you’re considering how to incorporate AI into fraud detection, or personalized customer service, denial explanations or financial reporting. And you want to understand if the use of the data is legally permissible and within your organization’s policies.

Government

Government Risk Financial Services Compliance

UK Government sets out proposals to shake up UK data protection laws

Data Protection Report

SEPTEMBER 28, 2021

In August, the Government announced that it intended to “seize the opportunity” afforded by the UK’s exit from the European Union to makes some changes (see our blog The UK Government unveils its post-Brexit plans to shake up data protection laws | Data Protection Report ). Complaints and DSARs.

Government

Government FOIA GDPR Compliance

What is a Cyberattack? Types and Defenses

eSecurity Planet

JUNE 16, 2022

Crimeware is a type of malware that cyber criminals use to commit identity theft or gain financial information to execute transactions. Other techniques to steal personal data include the use of keyloggers that record all keystrokes and can reveal information. Crimeware and spyware. Other methods.

Ransomware

Ransomware Cybersecurity Phishing Encryption

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

The GDPR provision that may keep IT security teams busiest is Article 32, which requires “a process for regularly testing, assessing and evaluating the effectiveness of technical and organizational measures for ensuring the security of the processing” of personal data. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

FRANCE: CNIL adopts new single authorization on fraud prevention systems

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

The French data protection authority (CNIL) has just adopted Single Authorization No. AU-054 (the “AU-054”) on July 13, 2017 in order to cover the processing of personal data implemented in relation to these fraud prevention/detection systems. The broad range of personal data that can be processed under the AU-054.

Personal data

Personal data Financial Services Risk Insurance

What is credential stuffing? And how to prevent it?

Security Affairs

MARCH 29, 2022

Earmarked by the FBI as a particular threat to the financial service industry just over a year ago, the increase of internet traffic, data breaches and API usage all contribute to the perfect conditions for successful credential stuffing attacks. “If Runtime behavior analysis.

IT

IT Passwords Authentication Data Privacy

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

HL Chronicle of Data Protection

NOVEMBER 15, 2018

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. Analysis of the text has barely started, but some of our initial conclusions are outlined below.

GDPR

GDPR Personal data Government Financial Services

New York’s Breach Law Amendments and New Security Requirements

Data Protection Report

OCTOBER 1, 2019

Law § 899-aa) differs from most states’ law in several ways including (1) using separate definitions of “personal information” and “private information;” and (2) providing factors to consider whether personal information had been acquired. New York’s new law contains similar examples of technical and physical safeguards.

Security

Security Financial Services Passwords Risk

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

IT Governance

FEBRUARY 21, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. In January 2024, it identified more potential victims, and has now written to inform them that their personal data may have been compromised in the incident.

Data Privacy

Data Privacy Manufacturing Privacy Energy and Utilities

Ireland & UK: Latest trends in data subject access requests in pending litigation

DLA Piper Privacy Matters

JULY 22, 2021

The rights around DSARs are set out in the GDPR and Recital 63 makes it clear that it is the intention that “a data subject should have the right of access to personal data… in order to be aware of, and verify, the lawfulness of the processing”. Approach of the Irish Data Protection Commission. Dealing with the DSAR.

Access

Access Personal data GDPR Financial Services

Capital Markets, AI, and the need for governance

Collibra

OCTOBER 31, 2023

With every financial services organization focused on making better and faster decisions, data professional and business leaders are eager to better understand how AI can facilitate their strategic goals. Not surprisingly, everyone was talking about Artificial Intelligence (AI). Already using AI?

Marketing

Marketing Government Financial Services Artificial Intelligence

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

IT Governance

DECEMBER 11, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Compromised information includes patients’ personal data, health and medical records, financial data, internal emails and software source code.

Data Privacy

Data Privacy Energy and Utilities Privacy Manufacturing

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

The DGR does not create a right to re-use such data, but provides for a set of harmonized basic conditions under which the re-use of such data may be allowed. The DGR does not create a right to re-use such data, but provides for a set of harmonized basic conditions under which the re-use of such data may be allowed.

Government

Government Personal data Marketing Artificial Intelligence

The Business of Data Newsletter – Issue 7 (7 December 2018)

Information Matters

DECEMBER 7, 2018

UK consumers threaten data breach backlash – Computer Weekly, 5 December 2018. “Seven out of 10 UK consumers and two-thirds, on average, around the world would stop doing business with a brand that suffers a breach of users’ financial or personal data. ” [link]. Which of those skills gets the pedestal?”

IoT

IoT Blockchain Personal data Analytics

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

IT Governance

JANUARY 23, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Welcome to this week’s round-up of the biggest and most interesting news stories.

Data Privacy

Data Privacy Privacy Manufacturing Security

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

IT Governance

MARCH 11, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. 66,702,148 known records breached in 103 newly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories.

Data Privacy

Data Privacy Privacy Security Data breaches

California Consumer Privacy Act: The Challenge Ahead — Introduction to Hogan Lovells’ Blog Series

HL Chronicle of Data Protection

SEPTEMBER 12, 2018

Each post will provide analysis of key legal issues implicated by the CCPA along with practical takeaways. We will explore the ramifications for businesses of this seminal legislation in this multi-part series, The Challenge Ahead, authored by members of Hogan Lovells’ CCPA team. provide additional CCPA analyses and reports.

Privacy

Privacy Compliance GDPR Data breaches

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

AIIM

JANUARY 10, 2019

One of the most notable blockchain skeptics – David Gerard –argues that if “you were silly enough to put personal data into an append-only ledger which is a proof-of-work blockchain — that’d be flat-out insane.”. While pseudonymization falls within GDPR protection as such data may be re-identified (i.e.

Blockchain

Blockchain GDPR Privacy Personal data

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

IT Governance

APRIL 29, 2024

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. law with respect to their data collected by U.S

Data Privacy

Data Privacy Privacy Manufacturing Security

Information Management Today

DEEP TECH NEWS: Respecting individual rights by using ‘privacy preserving aggregate statistics’

NY Charges First American Financial for Massive Data Leak

Webinars

Trending Sources

Ireland: Large-scale inquiries progress as DPC budget and staff numbers ramp up

Webinars

Infosys McCamish Systems data breach impacted over 6 million people

The largest Russian bank Sberbank hit by a massive DDoS attack

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

The Week in Cyber Security and Data Privacy: 6 – 12 November 2023

An ongoing Qbot campaign targeted customers of tens of US banks

Ireland: DPC Produces “Significant Outputs” for 2022 Concluding 17 Large Scale Inquiries

AI Governance: Why our tested framework is essential in an AI world

UK Government sets out proposals to shake up UK data protection laws

What is a Cyberattack? Types and Defenses

Security Compliance & Data Privacy Regulations

FRANCE: CNIL adopts new single authorization on fraud prevention systems

What is credential stuffing? And how to prevent it?

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

New York’s Breach Law Amendments and New Security Requirements

The Week in Cyber Security and Data Privacy: 12 – 18 February 2024

Ireland & UK: Latest trends in data subject access requests in pending litigation

Capital Markets, AI, and the need for governance

The Week in Cyber Security and Data Privacy: 4 – 10 December 2023

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

The Business of Data Newsletter – Issue 7 (7 December 2018)

The Week in Cyber Security and Data Privacy: 15 – 21 January 2024

The Week in Cyber Security and Data Privacy: 4 – 10 March 2024

California Consumer Privacy Act: The Challenge Ahead — Introduction to Hogan Lovells’ Blog Series

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

The Week in Cyber Security and Data Privacy: 22 – 28 April 2024

Stay Connected