Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. based First American [ NYSE:FAF ] is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in $6.2

Insurance 346

Insurance Financial Services Mining Access 346

Security Affairs

APRIL 8, 2020

The drug testing firm Hammersmith Medicines Research LTD (HMR), which performs live trials of Coronavirus vaccines, discloses a data breach. ” reads the data breach notification published by the company. The research firm revealed that many of the government IDs exposed in the data breach have since expired.

Ransomware 334

Ransomware Data breaches Encryption Financial Services 334

Krebs on Security

MAY 31, 2019

On May 29, The New York Times reported that the inquiry by New York’s Department of Financial Services is likely to be followed by other investigations from regulators and law enforcement. No authentication was needed to access the digitized records. ”

Financial Services 252

Financial Services Insurance Sales Authentication 252

Hunton Privacy

DECEMBER 4, 2023

On November 28, 2023, the New York Department of Financial Services (“NYDFS”) announced that First American Title Insurance Company (“First American”), the second-largest title insurance company in the United States, would pay a $1 million penalty for violations of the NYDFS Cybersecurity Regulation in connection with a 2019 data breach.

Financial Services 64

Financial Services Insurance Data breaches Cybersecurity 64

Thales Cloud Protection & Licensing

OCTOBER 24, 2024

New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 madhav Fri, 10/25/2024 - 06:09 The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.

Cybersecurity 62

Cybersecurity Financial Services Encryption Compliance 62

The Last Watchdog

SEPTEMBER 24, 2024

The growing threat of cybercrime, including ransomware attacks and large-scale data leaks, is also pushing individuals to take more control of their personal data. Credit monitoring services provide ongoing tracking of credit reports for suspicious activity, and some even offer insurance for identity theft-related losses.

Authentication 216

Authentication IT ROT Compliance 216

Hunton Privacy

JULY 1, 2022

On June 24, 2022, the New York State Department of Financial Services (“NYDFS” or the “Department”) announced it had entered into a $5 million settlement with Carnival Corp. Since Carnival was licensed by the Department to sell insurance in NY State, it was treated as a covered entity under the Cybersecurity Regulation.

Cybersecurity 115

Cybersecurity Insurance Phishing Financial Services 115

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

The Last Watchdog

MAY 24, 2021

billion hitting financial services organizations — an increase of more than 45 percent year-over-year in that sector. billion web app attacks last year, with more than 736 million targeting financial services. billion web attacks globally; 736 million in the financial services sector. A: Everything.

Financial Services 178

Financial Services Passwords Data breaches Authentication 178

Security Affairs

APRIL 20, 2023

During the recent investigation, the Cybernews research team discovered that the bank leaked the sensitive data due to the misconfiguration of their systems. ICICI Bank’s response Threat to financial accounts Finance and insurance are one of the most targeted industries by cybercriminals.

Personal data 246

Personal data Phishing Risk Communications 246

erwin

APRIL 11, 2019

In fact, organizations should expect increasing pressure on lawmakers to introduce new data protection regulations. A number of high-profile data breaches and scandals have increased public awareness of the issue. For example, many retailers have robust, data-driven e-commerce operations that are international.

GDPR 100

GDPR Compliance e-Discovery Metadata 100

DLA Piper Privacy Matters

NOVEMBER 26, 2018

Some interesting statistics relate to the number of data breach notifications and complaints received. since May 25th, the Belgian Data Protection Authority was notified of 317 data breaches (compared to last year when only 13 breaches were notified). In the six months ?since

GDPR 83

GDPR Data breaches Financial Services Insurance 83

HL Chronicle of Data Protection

FEBRUARY 25, 2020

Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the effective date of the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act or Act).

Cybersecurity 104

Cybersecurity Financial Services Data breaches Information Security 104

KnowBe4

JUNE 20, 2023

1 Root Cause of Data Breaches Verizon's DBIR always has a lot of information to unpack, so I'll continue my review by covering how stolen credentials play a role in attacks. So, what does the report say about the most common threat actions that are involved in data breaches?

Data breaches 102

Data breaches Phishing Security awareness Ransomware 102

eSecurity Planet

SEPTEMBER 21, 2024

Health Insurance Portability & Accountability Act (HIPAA) The Health Insurance Portability and Accountability Act (HIPAA) sets standards for protecting sensitive health information, particularly electronic health records (EHRs). HIPAA also requires organizations to conduct regular risk assessments and report data breaches.

Cybersecurity 121

Cybersecurity Computer and Electronics Compliance Privacy 121

Adam Levin

APRIL 6, 2020

Marriott International announced a data breach that may have exposed the information of 5.2 This is the second major data breach that Marriott has experienced in recent years; in 2018, the company announced that the information of 327 million customers of subsidiary Starwoodhad been compromised in a similar incident. .

Data breaches 75

Data breaches Passwords Financial Services Insurance 75

The Last Watchdog

FEBRUARY 25, 2019

This was because, as the complexity of business networks continued to intensify, so did the challenges of meeting data handling requirements under the Payment Card Industry Data Security Standard, the Health Insurance Portability and Accountability Act, the Sarbanes-Oxley Act, and the Federal Information Security Management Act.

Access 169

Access Government Authentication Data breaches 169

DLA Piper Privacy Matters

JULY 30, 2019

It’s summer, and life’s a breach. A data breach, that is. It’s your service provider’s breach, but it involves your (more likely, your customer’s) data. So put down the beach reading, for some breach reading. Who “owns” a data breach?

Data breaches 45

Data breaches Cybersecurity Financial Services Risk 45

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance 40

Insurance Cybersecurity Data breaches Financial Services 40

OpenText Information Management

DECEMBER 4, 2019

Last year, the number of personal records exposed by cyber attacks on the financial services industry was an incredible 446,575,334 – more than triple from the year before. The financial and reputational damage from these data breaches can be immense.

Financial Services 52

Financial Services Data breaches Security Personal data 52

Data Protection Report

APRIL 22, 2021

On April 14, 2021, the New York Department of Financial Services (NYDFS) announced a $3 million settlement with insurance company National Securities Corp. NSC), relating to violations of three different requirements of the NYDFS cybersecurity regulation during the period 2018 to 2020. NYDFS Cybersecurity Regulation.

Cybersecurity 94

Cybersecurity Financial Services Phishing Compliance 94

Data Protection Report

FEBRUARY 8, 2022

On January 24, 2022, the New York Attorney General (AG) announced a settlement with vision-benefits-provider EyeMed Vision Care, Inc., In total, information for approximately 2.1 EyeMed notified affected individuals and offered credit monitoring, fraud consultation, identity theft restoration. SHIELD Act.

Passwords 98

Passwords Financial Services Authentication Insurance 98

IT Governance

NOVEMBER 13, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Records breached: 79,582 Ontario hospitals update: information relating to 5.6 Records breached: 79,582 Ontario hospitals update: information relating to 5.6

Data Privacy 67

Data Privacy Privacy Security Data breaches 67

Data Matters

APRIL 20, 2021

This development indicates that sponsors and fiduciaries may soon be subject to focused scrutiny over their cybersecurity practices in DOL investigations and adds to the multiple existing sources of cybersecurity legal risk in the wake of data breaches or insufficient cybersecurity controls.

Cybersecurity 68

Cybersecurity Insurance Risk Compliance 68

Rocket Software

AUGUST 17, 2020

For some sectors, like finance, security and data protection are top of mind for everything that is done. Financial services organizations typically experience the most data breaches and hacks, which makes security a priority. Patient data is highly sensitive and confidential. But what about healthcare?

Authentication 52

Authentication Financial Services Passwords Insurance 52

Hunton Privacy

JULY 22, 2009

The UK Financial Services Authority (FSA) has announced today fines for three HSBC entities totaling £3 million for failing to have adequate systems and controls in place to protect their customers’ confidential data. The incident will reignite debate as to whether the UK should have a mandatory data breach law.

Security 40

Security Insurance Data breaches Personal data 40

Privacy and Cybersecurity Law

SEPTEMBER 20, 2016

On September 13, 2016, the New York Department of Financial Services introduced a new rule that would require banks, insurance […].

Financial Services 40

Financial Services Insurance Cybersecurity Data breaches 40

Adam Levin

NOVEMBER 30, 2018

If you prefer a more laid back approach, sign up for free transaction alerts from financial services institutions and credit card companies, or subscribe to a credit and identity monitoring program, 3. There are places to check your credit score for free online, and most credit cards let you see your FICO score. Manage the damage.

Financial Services 66

Financial Services Encryption Passwords Communications 66

Adam Levin

SEPTEMBER 5, 2019

Make sure you get on top of any incursion into your identity quickly and/or enroll in a program where professionals help you navigate and resolve identity compromises–oftentimes available for free, or at minimal cost, through insurance companies, financial services institutions and employers.

Mining 79

Mining Authentication Financial Services Privacy 79

Data Matters

AUGUST 5, 2019

On July 25, 2019, Governor Cuomo signed the two bills into law, one which amended the state’s data breach notification law, and another that created additional obligations for data breaches at credit reporting agencies. The Identity Theft Prevention and Mitigation Services Act. codified at N.Y.

Cybersecurity 68

Cybersecurity Data breaches Privacy Risk 68

Privacy and Cybersecurity Law

MARCH 23, 2018

” A prior IBM Study on the cost of data breaches found, using a sample of 419 companies in 13 countries and regions, that 47% of data breach incidents in 2016 involved a malicious or criminal attack, 25% were due to negligent employees or contractors (i.e.,

Cybersecurity 40

Cybersecurity Data breaches Artificial Intelligence IoT 40

Adam Levin

NOVEMBER 17, 2020

Never use duplicate usernames or passwords across any of your online accounts to limit your exposure in case of a data breach. Many insurance companies, financial services organizations and employers offer cyber and identity protection products and services as a perk of your relationship either for free or at a deep discount.

Retail 97

Retail e-Delivery Passwords Phishing 97

Reltio

OCTOBER 24, 2018

Providing customers a way to make data-related requests. Deploying processes for required data access, change and deletion. Implementing a mechanism in place for timely reporting of a data breach. At the same time, they must have the power to trace and maintain data lineage across all attributes.

Data Privacy 74

Data Privacy Privacy GDPR Compliance 74

Data Protection Report

JANUARY 7, 2019

The two-year transitional period under the New York State Department of Financial Services (“DFS””) Cybersecurity Regulation , 23 NYCRR 500 (the “Regulation”), will expire on March 1, 2019, with the final remaining requirement becoming effective.

Cybersecurity 40

Cybersecurity Compliance Financial Services Risk 40

Data Protection Report

OCTOBER 24, 2022

On October 18, 2022, the New York Department of Financial Services announced a settlement with EyeMed, a licensed life, accident, and health insurer, with respect to a security incident that occurred in 2020.

Cybersecurity 52

Cybersecurity Personal data Risk Financial Services 52

ARMA International

AUGUST 2, 2019

with Equifax in connection with a 2017 data breach that exposed sensitive, personal data of around 147 million people. According to the FTC’s press release, the data breach included “names and dates of birth, Social Security numbers, physical addresses, and other personal information that could lead to identity theft and fraud.”

Cloud 42

Cloud Data breaches Encryption Access 42

Data Matters

DECEMBER 23, 2020

Federal Deposit Insurance Corporation (FDIC) approved and the federal banking agencies jointly announced on December 18 a notice of proposed rulemaking, Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers (NPR). On December 15, 2020, the U.S.

Security 68

Security Cybersecurity Insurance Communications 68