Analysis and Insurance - Information Management Today

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

Merck has resolved a dispute with insurers regarding a $1.4 Merck and its insurers have agreed with a $1.4 billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. Merck had not taken out specific insurance to cover cyber attacks, it only had insurance coverage against general risks.

Insurance

Insurance Healthcare Manufacturing Ransomware

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

The American group of insurance and financial services companies State Farm disclosed a credential stuffing attack it has suffered in July. The American group of insurance and financial services companies State Farm revealed that it was the victim of a credential stuffing attack it has suffered in July. The experts detected 8.3

Insurance

Insurance Data breaches Financial Services Passwords

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

APRIL 22, 2022

When security fails, cyber insurance can become crucial for ensuring continuity. Our reliance on digital technology and the inherited risk is a key driving factor for buying cyber risk insurance. If the technology were to become unavailable, the resulting business impact could be mitigated with cyber insurance.

Insurance

Insurance Risk Cybersecurity Ransomware

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Security Affairs

NOVEMBER 6, 2018

Group-IB and Swiss insurance broker ASPIS that owns CryptoIns project, have developed the world’s first scoring model for assessing cryptocurrency exchanges. According to CryptoIns analysts, the crypto assets insurance market is expected to reach $7 billion by 2023. Why do crypto exchanges’ users need insurance?

Insurance

Insurance Risk Marketing Cybersecurity

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Security Affairs

AUGUST 19, 2019

A study conducted by researchers at Cyjax revealed that organizations expose sensitive data via sandboxes used for malware analysis. Experts at the threat intelligence firm Cyjax analyzed file uploaded by organizations via malware analysis sandboxes and discovered that they were exposing sensitive data. Pierluigi Paganini.

Military

Military Insurance Education Phishing

Is Trickbot Botnet Making a Comeback?

Data Breach Today

JANUARY 30, 2021

Researchers: Phishing Campaign Targeting Insurance and Legal Industries Trickbot appears to be making a comeback with a fresh campaign that is targeting insurance companies and legal firms in North America, according to an analysis by Menlo Security.

Insurance

Insurance Phishing Security

Michigan Medicine data breach impacted 56953 patients

Security Affairs

JULY 24, 2024

As a result, all the emails involved were presumed compromised and the contents were reviewed to determine if sensitive data about patients was potentially impacted.This analysis took place between June 10, 2024, and June 27, 2024.” ” reads the data breach notification published by the organization.

Data breaches

Data breaches Insurance Passwords Access

Crypto Bug Uncovers 'WannaCry 2.0' Clues

Data Breach Today

OCTOBER 1, 2021

The latest edition of the ISMG Security Report features an analysis of how a cryptocurrency exchange bug has revealed North Korean Monero laundering. Also featured are cyber insurance trends and cybercrime innovation.

Insurance

Insurance Security

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

Security Affairs

APRIL 8, 2024

Greylock McKinnon Associates (GMA) provides expert economic analysis and litigation support to a diverse group of domestic and international clients in the legal profession, the business community, and government agencies, including the Department of Justice (DoJ).

Data breaches

Data breaches Insurance Cybersecurity Government

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10

Security Affairs

SEPTEMBER 8, 2024

BlackSuit Ransomware Dissecting the Cicada Year-Long Campaign of Malicious npm Packages Targeting Roblox Users Rocinante: The trojan horse that wanted to fly Threat actors using MacroPack to deploy Brute Ratel, Havoc and PhantomCore payloads Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion FBI: Play ransomware gang has attacked 300 orgs (..)

Security

Security Insurance Ransomware Government

Analysis: Anthem Data Breach Settlement

Data Breach Today

AUGUST 22, 2018

Some terms of the recent $115 million settlement in the class action lawsuit against health insurer Anthem tied to a 2015 cyberattack appear underwhelming for the victims, says attorney James DeGraw, who explains why.

Data breaches

Data breaches Insurance

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2 billion in 2019.

Insurance

Insurance Financial Services Mining Access

Analysis: Did Anthem's Security 'Certification' Have Value?

Data Breach Today

OCTOBER 23, 2018

Insurer Was Certified as HITRUST CSF Compliant Before Its Mega-Breach Health insurer Anthem had earned HITRUST Common Security Framework certification before its mega-breach.

Insurance

Insurance Security IT

Analysis: Report on China Attacking Mobile Devices

Data Breach Today

SEPTEMBER 6, 2019

Plus: Do ransomware gangs target organizations that have cyber insurance? This week's ISMG Security Report takes a close look at whether an iPhone hacking campaign may be linked to Android spying campaigns by China.

Insurance

Insurance Ransomware Security

Global Scamdemic: Scams Become Number One Online Crime

Security Affairs

JUNE 10, 2021

Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. Insurance companies around the world are now suffering from phishing. Over the past year, an average of over 100 phishing websites were created per insurer.

Phishing

Phishing Retail Insurance Risk

German IT provider Bitmarck hit by cyberattack

Security Affairs

MAY 1, 2023

Bitmarck, one of the largest IT service providers for social insurance carriers in Germany, announced yesterday that it has suffered a cyber attack. The incident impacted statutory health insurance companies that have their IT operated by BITMARCK. Our early warning systems have reported an attack on BITMARCK’s internal systems.

IT

IT Insurance Data breaches Education

Have board directors any liability for a cyberattack against their company?

Security Affairs

NOVEMBER 14, 2022

Add to that, there is the risk of penalties and fines (which are not insurable in most jurisdictions) not only under privacy and data protection regulations but also on the basis of cybersecurity regulations that are now proliferating. What should directors do if a cyberattack happens to the company? there could be reputational damage.

Insurance

Insurance Risk Ransomware Encryption

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Security Affairs

JANUARY 6, 2019

The Dark Overlord hacking group claims to have stolen a huge trove of documents from the British insurance company Hiscox, Hackers stole “hundreds of thousands of documents,” including tens of thousands files related to the 9/11 terrorist attacks.

Insurance

Insurance Data breaches Sales Government

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Inova is an actuarial consultancy company, which means they compile statistical analysis and calculate insurance risks and premiums. Document sent to the insurance company by the victim’s lawyer. Inova has been operating since 2012 and has handled thousands of cases since then. Sketch of the accident from the police report.

Data breaches

Data breaches Insurance Paper Access

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

A group of thieves thought to be responsible for collecting millions in fraudulent small business loans and unemployment insurance benefits from COVID-19 economic relief efforts gathered personal data on people and businesses they were impersonating by leveraging several compromised accounts at a little-known U.S.

Insurance

Insurance Communications Authentication Access

China-linked Moshen Dragon abuses security software to sideload malware

Security Affairs

MAY 3, 2022

” reads the analysis published by SentinelOne. ” The analysis of the Moshen Dragon’s activity led to the discovery of several payloads uploaded to VirusTotal, some of which were the ‘PlugX Talisman variant’. In recent attacks spotted by SentinelOne, Moshen Dragon leveraged to sideload ShadowPad and PlugX variants.

Security

Security Military Insurance Cybersecurity

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

In December 2023, Elliptic and Corvus Insurance published a joint research that revealed the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. ” reads the CSA. According to the experts, the ransomware gang has infected over 329 victims, including ABB , Capita , Dish Network , and Rheinmetall.

Ransomware

Ransomware Blockchain Retail Insurance

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Security Affairs

MAY 9, 2020

.” reads the analysis published by Palo Alto Networks. The attacks targeted a major utility provider, a university, and a government agency in the United States, a health agency in Canada, a health insurance provider, an energy company in Australia, and a European medical publishing company to deliver various malware families.

Government

Government Energy and Utilities Insurance Phishing

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Security Affairs

APRIL 16, 2024

18 Gb.dwg - 38295 pcs - drawings and schematics of chips, microchips, transistors, etc. All data is confidential, contains trade secrets. - 30 Gb user data - production line settings - repository with equipment configures - 26 Gb machine operation logs - 1.2 Gb AWACS software - 13 Gb.esm files - 1.9 Gb.job files - 3 Gb.svn-base - 101 Gb -.pst

Ransomware

Ransomware Manufacturing Insurance Cybersecurity

Finance and Insurance Is the Sector Most Impacted by Data Breaches In 2022

KnowBe4

DECEMBER 30, 2022

Analysis of the year’s breaches shows Finance and Insurance businesses are the most targeted and have lost a material count of records as a result.

Insurance

Insurance Data breaches Security awareness Security

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

Security Affairs

NOVEMBER 23, 2023

. “We have performed an analysis of the affected system and associated data to determine whether your information was potentially impacted. Based on that analysis, we have determined that certain of your information was included in those files.” million Teachers Insurance and Annuity Association of America 2.6

Data breaches

Data breaches Retail Education Ransomware

VF Corp December data breach impacts 35 million customers

Security Affairs

JANUARY 19, 2024

“Based on VF’s preliminary analysis from its ongoing investigation, VF currently estimates that the threat actor stole personal data of approximately 35.5 “VF will be seeking reimbursement of costs, expenses and losses stemming from the cyber incident by submitting claims to VF’s cybersecurity insurers.

Data breaches

Data breaches Passwords Retail Insurance

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

Krebs on Security

JUNE 4, 2019

AMCA has advised LabCorp that Social Security Numbers and insurance identification information are not stored or maintained for LabCorp consumers.” ” ANALYSIS. Many readers wrote in to say they’d never heard of First American, but it is the largest title insurance company in the United States.

Insurance

Insurance Security Data Privacy Access

HackerOne awarded over $300 million bug hunters

Security Affairs

OCTOBER 30, 2023

Below is the analysis of vulnerability type by industry: How do the company customers measure the ROI of the HackerOne security program? 54% Financial savings estimated from avoiding risk, 51% Risk assessment (internal or external), 32% Agility and speed of security teams’ responsiveness, and 7% Discount on cyber insurance.

Blockchain

Blockchain Risk Insurance Security

30 million Americans affected by the Astoria Company data breach

Security Affairs

MARCH 25, 2021

Astoria Company LLC is a lead generation company that leverages on a network of websites to collect information on a person that may be looking for discounted car loans, different medical insurance, or even payday loans. Collected data si shared with a number of partner sites (such as insurance or loan agencies), that pay per lead referral.

Data breaches

Data breaches Sales Insurance Marketing

Threat actors using FrameworkPOS malware in POS attacks

Security Affairs

MARCH 3, 2019

” reads the analysis published by Morphisec. Hackers belong to finance, insurance and healthcare industries, victims of the attacks were identified in the United States, Japan, and India. ” continues the analysis. “The second type is a shellcode backdoor beacon with PowerShell and Mimikatz functionality.”

Insurance

Insurance Libraries Sales Security

US CISA report shares details on web shells used by Iranian hackers

Security Affairs

SEPTEMBER 16, 2020

Cybersecurity and Infrastructure Security Agency (CISA) released a malware analysis report (MAR) that includes technical details about web shells employed by Iranian hackers. A web shell is a code, often written in typical web development programming languages (e.g.,

Passwords

Passwords Access Insurance Encryption

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. “Our analysis suggests that Black Basta has received at least $107 million in ransom payments since early 2022, across more than 90 victims.

Ransomware

Ransomware Blockchain Retail Insurance

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

IT Governance

AUGUST 25, 2022

Lloyd’s of London has announced that its insurance policies will no longer cover losses resulting from certain nation-state cyber attacks or acts of war. In a memo sent to the organisation’s insurance syndicates , Underwriting Director Tony Chaudhry said that Lloyd’s remains “strongly supportive” of policies that cover cyber attacks.

Insurance

Insurance IT Government Risk

How generative AI delivers value to insurance companies and their customers

IBM Big Data Hub

DECEMBER 1, 2023

Insurers struggle to manage profitability while trying to grow their businesses and retain clients. Large, well-established insurance companies have a reputation of being very conservative in their decision making, and they have been slow to adopt new technologies.

Insurance

Insurance Digital transformation Customer Experience Cloud

Cryptocurrency Exchange Bug Reveals 'WannaCry 2.0' Clues

Data Breach Today

OCTOBER 4, 2021

The latest edition of the ISMG Security Report features an analysis of how a cryptocurrency exchange bug has revealed North Korean monero laundering. Also featured are cyber insurance trends and cybercrime innovation.

Insurance

Insurance Security

Researchers released a free decryptor for Black Basta ransomware

Security Affairs

JANUARY 2, 2024

A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. “Our analysis suggests that files can be recovered if the plaintext of 64 encrypted bytes is known. Depending on the file size, the ransomware encrypts the initial 5000 bytes.

Ransomware

Ransomware Encryption Blockchain Insurance

Infosys McCamish Systems data breach impacted over 6 million people

Security Affairs

JUNE 29, 2024

IMS specializes in providing business process outsourcing (BPO) and information technology (IT) services specifically tailored for the insurance and financial services industries. Infosys McCamish Systems (IMS) revealed that the 2023 data breach following the LockBit ransomware attack impacted 6 million individuals.

Data breaches

Data breaches e-Discovery Ransomware Insurance

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Security Affairs

NOVEMBER 8, 2020

The analysis of the leaked files revealed that they contain confidential information regarding the recruitment process, professional resumes, and info about the internal structures of the Group’s human resource department. The exposed financial data includes budgets, marketing forecast analysis, and other sensitive data.

Data breaches

Data breaches Insurance Ransomware Retail

Previously undetected Earth Longzhi APT group is a subgroup of APT41

Security Affairs

NOVEMBER 15, 2022

Further analysis, revealed that the same threat actor targeted multiple regions using a similar Cobalt Strike loader and has been active since 2020. ” reads the analysis published by Trend Micro. Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries.

Archiving

Archiving Passwords Metadata Insurance

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Security Affairs

APRIL 8, 2021

The analysis of the freshly exposed database found that the information was new as it indicated the latest user activity timestamps. In addition to stolen bank cards, the database revealed 498 sets of online banking account credentials and 68,995 sets of US Social Security Numbers and 597 pieces of Canadian Social Insurance Numbers.

Passwords

Passwords Insurance Personal data Sales

Mitigating the impact of climate change in insurance and other financial services

IBM Big Data Hub

MARCH 25, 2024

According to Berenberg analysts , individual insurance companies faced total claims estimates of up to approximately USD 300 million. For other financial services firms outside of the insurance sector, property accepted as loan security might face climate-related risks as well.

Financial Services

Financial Services Insurance Risk Agriculture

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing. Actual Actuarial Validity.

Insurance

Insurance Artificial Intelligence Risk Compliance

Black Basta gang claims the hack of the UK water utility Southern Water

Security Affairs

JANUARY 23, 2024

A joint research by Elliptic and Corvus Insurance revealed that the group accumulated at least $107 million in Bitcoin ransom payments since early 2022. Our analysis suggests that files can be recovered if the plaintext of 64 encrypted bytes is known. Depending on the file size, the ransomware encrypts the initial 5000 bytes.

Encryption

Encryption Ransomware Blockchain Insurance

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

American Insurance firm State Farm victim of credential stuffing attacks

Webinars

Trending Sources

Cyber Insurance and the Changing Global Risk Environment

Webinars

Group-IB and CryptoIns introduce the world’s first insurance against cyber threats for cryptocurrency exchanges

Watch out! Malware Analysis Sandboxes could expose sensitive data of your organization

Is Trickbot Botnet Making a Comeback?

Michigan Medicine data breach impacted 56953 patients

Crypto Bug Uncovers 'WannaCry 2.0' Clues

Greylock McKinnon Associates data breach exposed DOJ data of 341650 people

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 10

Analysis: Anthem Data Breach Settlement

NY Charges First American Financial for Massive Data Leak

Analysis: Did Anthem's Security 'Certification' Have Value?

Analysis: Report on China Attacking Mobile Devices

Global Scamdemic: Scams Become Number One Online Crime

German IT provider Bitmarck hit by cyberattack

Have board directors any liability for a cyberattack against their company?

Dark Overlord hacking crew publishes first batch of confidential 9/11 files

Data Breach: Turkish legal advising company exposed over 15,000 clients

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

China-linked Moshen Dragon abuses security software to sideload malware

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

SilverTerrier gang uses COVID-19 lures in BEC attacks against healthcare, government organizations

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia

Finance and Insurance Is the Sector Most Impacted by Data Breaches In 2022

Automotive parts giant AutoZone disclosed data breach after MOVEit hack

VF Corp December data breach impacts 35 million customers

LabCorp: 7.7 Million Consumers Hit in Collections Firm Breach

HackerOne awarded over $300 million bug hunters

30 million Americans affected by the Astoria Company data breach

Threat actors using FrameworkPOS malware in POS attacks

US CISA report shares details on web shells used by Iranian hackers

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

How generative AI delivers value to insurance companies and their customers

Cryptocurrency Exchange Bug Reveals 'WannaCry 2.0' Clues

Researchers released a free decryptor for Black Basta ransomware

Infosys McCamish Systems data breach impacted over 6 million people

Luxottica data breach exposes info of LensCrafters and EyeMed patients

Previously undetected Earth Longzhi APT group is a subgroup of APT41

Swarmshop – What goes around comes around: hackers leak other hackers’ data online

Mitigating the impact of climate change in insurance and other financial services

NYDFS issues significant guidance on insurers using AI or external data

Black Basta gang claims the hack of the UK water utility Southern Water

Stay Connected